Re: [oauth] OAUTH Charter Proposal
Eran Hammer-Lahav <eran@hueniverse.com> Mon, 02 February 2009 18:50 UTC
Return-Path: <oauth-bounces@ietf.org>
X-Original-To: oauth-archive@ietf.org
Delivered-To: ietfarch-oauth-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6200A3A6AC8; Mon, 2 Feb 2009 10:50:21 -0800 (PST)
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 116193A6AEE for <oauth@core3.amsl.com>; Mon, 2 Feb 2009 10:50:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.395
X-Spam-Level:
X-Spam-Status: No, score=-4.395 tagged_above=-999 required=5 tests=[AWL=-1.797, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9CPDMPVz4X9P for <oauth@core3.amsl.com>; Mon, 2 Feb 2009 10:50:16 -0800 (PST)
Received: from p3plex1out01.prod.phx3.secureserver.net (p3plex1out01.prod.phx3.secureserver.net [72.167.180.17]) by core3.amsl.com (Postfix) with SMTP id 80C4C3A6AC8 for <oauth@ietf.org>; Mon, 2 Feb 2009 10:50:16 -0800 (PST)
Received: (qmail 10422 invoked from network); 2 Feb 2009 18:49:57 -0000
Received: from unknown (HELO smtp.ex1.secureserver.net) (72.167.180.20) by p3plex1out01.prod.phx3.secureserver.net with SMTP; 2 Feb 2009 18:49:57 -0000
Received: from P3PW5EX1MB01.EX1.SECURESERVER.NET ([10.6.135.19]) by P3PW5EX1HT002.EX1.SECURESERVER.NET ([72.167.180.20]) with mapi; Mon, 2 Feb 2009 11:49:57 -0700
From: Eran Hammer-Lahav <eran@hueniverse.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Date: Mon, 02 Feb 2009 11:49:45 -0700
Thread-Topic: [oauth] OAUTH Charter Proposal
Thread-Index: AcmFZjvnlaUDAynyQ0KLfQyCsucB4QAAB3fw
Message-ID: <90C41DD21FB7C64BB94121FBBC2E7234127C939A2B@P3PW5EX1MB01.EX1.SECURESERVER.NET>
References: <3D3C75174CB95F42AD6BCC56E5555B45FFEE62@FIESEXC015.nsn-intra.net> <1bc4603e0902020024j71230bbr47b0b2c65b58b2b4@mail.gmail.com> <ca722a9e0902021044y3e305ed1rf5a568d20d8bcb35@mail.gmail.com>
In-Reply-To: <ca722a9e0902021044y3e305ed1rf5a568d20d8bcb35@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
MIME-Version: 1.0
Subject: Re: [oauth] OAUTH Charter Proposal
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Oauth bof discussion <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1856291084=="
Sender: oauth-bounces@ietf.org
Errors-To: oauth-bounces@ietf.org
Of course, even 'delegation' is a problematic term. HTTP Basic auth is not considered a delegation protocol but it really is. The End User gives the User Agent some credentials to access resources on its behalf on the Web Server. There is no restriction in Basic auth about the number of credentials used, so there could be a special one to give the browser. Hmm. I guess that makes OAuth a 'goddamn goddamn protocol', if we replace all the problematic words... of course that does not help us at all. I would not waste too much time trying to find a one liner to describe the protocol. And when in doubt, the Core 1.0 spec defines a framework for us to work with, and can always be used to draw the lines of what we are trying to solve. EHL
_______________________________________________ oauth mailing list oauth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
- Re: [oauth] OAUTH Charter Proposal James Aylett
- [oauth] OAUTH Charter Proposal Hannes Tschofenig
- Re: [oauth] OAUTH Charter Proposal Blaine Cook
- Re: [oauth] OAUTH Charter Proposal Hannes Tschofenig
- Re: [oauth] OAUTH Charter Proposal Eran Hammer-Lahav
- Re: [oauth] OAUTH Charter Proposal Krishna Sankar
- Re: [oauth] OAUTH Charter Proposal Hannes Tschofenig
- Re: [oauth] OAUTH Charter Proposal Krishna Sankar
- Re: [oauth] OAUTH Charter Proposal Hannes Tschofenig
- Re: [oauth] OAUTH Charter Proposal Krishna Sankar
- Re: [oauth] OAUTH Charter Proposal Chris Messina
- Re: [oauth] OAUTH Charter Proposal Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [oauth] OAUTH Charter Proposal Chris Messina
- Re: [oauth] OAUTH Charter Proposal Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [oauth] OAUTH Charter Proposal George Fletcher
- Re: [oauth] OAUTH Charter Proposal Hubert Le Van Gong
- Re: [oauth] OAUTH Charter Proposal Hannes Tschofenig
- Re: [oauth] OAUTH Charter Proposal Hannes Tschofenig
- Re: [oauth] OAUTH Charter Proposal Hubert Le Van Gong
- Re: [oauth] OAUTH Charter Proposal Eran Hammer-Lahav
- Re: [oauth] OAUTH Charter Proposal Blaine Cook
- Re: [oauth] OAUTH Charter Proposal Eran Hammer-Lahav
- Re: [oauth] OAUTH Charter Proposal kellan
- Re: [oauth] OAUTH Charter Proposal John Kemp
- Re: [oauth] OAUTH Charter Proposal Blaine Cook
- Re: [oauth] OAUTH Charter Proposal George Fletcher
- Re: [oauth] OAUTH Charter Proposal Lisa Dusseault
- Re: [oauth] OAUTH Charter Proposal Eran Hammer-Lahav
- Re: [oauth] OAUTH Charter Proposal Hallam-Baker, Phillip
- Re: [oauth] OAUTH Charter Proposal Bill de hOra
- Re: [oauth] OAUTH Charter Proposal Joseph A Holsten
- Re: [oauth] OAUTH Charter Proposal Hannes Tschofenig