IETF Logo Mail Archive

Re: [OAUTH-WG] Dynamic Client Registration: IPR Confirmation

Justin Richer <jricher@MIT.EDU> Wed, 16 July 2014 11:41 UTC

Return-Path: <jricher@mit.edu>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2BFB11B283B for <oauth@ietfa.amsl.com>; Wed, 16 Jul 2014 04:41:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.251
X-Spam-Level:
X-Spam-Status: No, score=-3.251 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C1FbQVPVrSeH for <oauth@ietfa.amsl.com>; Wed, 16 Jul 2014 04:41:30 -0700 (PDT)
Received: from dmz-mailsec-scanner-6.mit.edu (dmz-mailsec-scanner-6.mit.edu [18.7.68.35]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B2EA61A0535 for <oauth@ietf.org>; Wed, 16 Jul 2014 04:41:29 -0700 (PDT)
X-AuditID: 12074423-f79bf6d000007580-ce-53c664e8478e
Received: from mailhub-auth-3.mit.edu ( [18.9.21.43]) (using TLS with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-6.mit.edu (Symantec Messaging Gateway) with SMTP id 7C.59.30080.8E466C35; Wed, 16 Jul 2014 07:41:28 -0400 (EDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-3.mit.edu (8.13.8/8.9.2) with ESMTP id s6GBfRSC002750; Wed, 16 Jul 2014 07:41:27 -0400
Received: from [192.168.128.57] (static-96-237-195-53.bstnma.fios.verizon.net [96.237.195.53]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id s6GBfPJj023063 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Wed, 16 Jul 2014 07:41:26 -0400
Message-ID: <53C664DC.50907@mit.edu>
Date: Wed, 16 Jul 2014 07:41:16 -0400
From: Justin Richer <jricher@MIT.EDU>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>, Mike Jones <Michael.Jones@microsoft.com>, "oauth@ietf.org" <oauth@ietf.org>
References: <53BBDBEE.703@gmx.net>, <BE6275F6-27D0-4A7A-ABA2-18B571BFDF18@oracle.com> <4E1F6AAD24975D4BA5B16804296739439ADA02B7@TK5EX14MBXC294.redmond.corp.microsoft.com> <4E1F6AAD24975D4BA5B16804296739439ADA1766@TK5EX14MBXC294.redmond.corp.microsoft.com> <4E1F6AAD24975D4BA5B16804296739439ADAB98C@TK5EX14MBXC294.redmond.corp.microsoft.com> <53C65120.4020302@gmx.net>
In-Reply-To: <53C65120.4020302@gmx.net>
Content-Type: multipart/alternative; boundary="------------000402050901040403060209"
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFupnleLIzCtJLcpLzFFi42IR4hTV1n2RcizYYM1JOYulO++xWuyd9onF 4uTbV2wOzB6LN+1n81iy5CeTR+uOv+wBzFFcNimpOZllqUX6dglcGffOfGQu2JNbceHjQrYG xv0RXYycHBICJhKLn25ngbDFJC7cW8/WxcjFISQwm0mib9d6VghnI6PEpAl3mUGqhARuM0ms 7FQCsXkFVCS+/OtmB7FZBFQldpz+wgZiswHZ81feYgKxRQWiJO5c6meFqBeUODnzCQvIUBGB CYwSe2ZdAmsWFnCV+D19B9Tq90wSO1YcALuJU0Bd4uC1XjCbWSBMYtLT96wTGPlnIRk2C0lq FiMHkG0t8W13EURYXmL72znMELa2xKres0zI4gsY2VYxyqbkVunmJmbmFKcm6xYnJ+blpRbp munlZpbopaaUbmIEhTu7i/IOxj8HlQ4xCnAwKvHwbgg5GizEmlhWXJl7iFGSg0lJlLfD4liw EF9SfkplRmJxRnxRaU5q8SFGCQ5mJRFeB3+gHG9KYmVValE+TEqag0VJnPettVWwkEB6Yklq dmpqQWoRTFaGg0NJglcRGNdCgkWp6akVaZk5JQhpJg5OkOE8QMOXJYMMLy5IzC3OTIfIn2JU lBLn/ZAElBAASWSU5sH1wtLRK0ZxoFeEeXlBVvAAUxlc9yugwUxAg8trDoMMLklESEk1MCYc Zshn3Bb/+vj6iXcSnlbI/7/zWpjh0r6ru1JknZW9z00V1q8Ql9h67t6zpc6znh6fNPvql+Jn k1PS4i1CZCeYfhb02fpXYrMvQ098ZOsWHoPFU4JuLfgb+PbOLOmjDx6/YDuwPHDa8z7rmYzf d74qt3ZZ7rlq9sNopkv7jisnsQnKHXoaf2e/EktxRqKhFnNRcSIAxZlJKiIDAAA=
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/bYl680Dr7OdTAV3ZyIgPStydPnM
Subject: Re: [OAUTH-WG] Dynamic Client Registration: IPR Confirmation
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Jul 2014 11:41:34 -0000

I thought I had sent this note already, but I don't see it in the 
archives or in my 'sent' folder:

If we're going to point to OpenID Connect (which I'm fine with), then we 
should clarify that portions were also taken from the UMA specification. 
In fact, draft -00 actually *was* the UMA specification text entirely. 
This is also what the OpenID Connect registration specification was 
(loosely) based on when it was started.

In reality, the relationship between these three documents from three 
different SBO's is more complicated: they all grew up together and 
effectively merged to become wire-compatible with each other. There were 
a number of changes that were discussed here in the IETF that OpenID 
Connect adopted, and a number of changes that were discussed at OIDF 
that were adopted here. OIDC also extends the IETF draft with a set of 
OIDC-specific metadata fields and editorial language that makes it fit 
more closely in the OIDC landscape, but make no mistake: they're the 
same protocol. In the case of UMA, it's a straight normative reference 
to the IETF document now because we were able to incorporate those use 
cases and parameters directly.

The trouble is, I'm not sure how to concisely state that all that in the 
draft text, but it's not as simple as "we copied OpenID", which is what 
the text below seems to say.

  -- Justin

On 7/16/2014 6:17 AM, Hannes Tschofenig wrote:
> Thanks, Mike.
>
> This is a useful addition and reflects the relationship between the two
> efforts.
>
> Please add it to the next draft version.
>
> Ciao
> Hannes
>
> On 07/15/2014 09:46 PM, Mike Jones wrote:
>> So that the working group has concrete language to consider, propose the
>> following language to the OAuth Dynamic Client Registration specification:
>>
>>   
>>
>> Portions of this specification are derived from the OpenID Connect
>> Dynamic Registration [OpenID.Registration] specification.  This was done
>> so that implementations of this specification and OpenID Connect Dynamic
>> Registration can be compatible with one another.
>>
>>   
>>
>>                                                              -- Mike
>>
>>   
>>
>> *From:*OAuth [mailto:oauth-bounces@ietf.org] *On Behalf Of *Mike Jones
>> *Sent:* Tuesday, July 08, 2014 7:15 PM
>> *To:* Phil Hunt; Hannes Tschofenig
>> *Cc:* Maciej Machulak; oauth@ietf.org
>> *Subject:* Re: [OAUTH-WG] Dynamic Client Registration: IPR Confirmation
>>
>>   
>>
>> Thinking about this some more, there is one IPR issue that we need to
>> address before publication.  This specification is a derivative work
>> from the OpenID Connect Dynamic Registration specification
>> http://openid.net/specs/openid-connect-registration-1_0.html.  Large
>> portions of the text were copied wholesale from that spec to this one,
>> so that the two would be compatible.  (This is good thing -- not a bad
>> thing.)
>>
>>   
>>
>> This is easy to address from an IPR perspective -- simply acknowledge
>> that this spec is a derivative work and provide proper attribution.  The
>> OpenID copyright in the spec at
>> http://openid.net/specs/openid-connect-registration-1_0.html#Notices
>> allows for this resolution.  It says:
>>
>>   
>>
>> Copyright (c) 2014 The OpenID Foundation.
>>
>> The OpenID Foundation (OIDF) grants to any Contributor, developer,
>> implementer, or other interested party a non-exclusive, royalty free,
>> worldwide copyright license to reproduce, prepare derivative works from,
>> distribute, perform and display, this Implementers Draft or Final
>> Specification solely for the purposes of (i) developing specifications,
>> and (ii) implementing Implementers Drafts and Final Specifications based
>> on such documents, provided that attribution be made to the OIDF as the
>> source of the material, but that such attribution does not indicate an
>> endorsement by the OIDF.
>>
>> Let's add the reference and acknowledgment in the next version.
>>
>>   
>>
>>                                                              -- Mike
>>
>>   
>>
>> *From:*Mike Jones
>> *Sent:* Tuesday, July 08, 2014 10:06 AM
>> *To:* Phil Hunt; Hannes Tschofenig
>> *Cc:* John Bradley; Justin Richer; Maciej Machulak; oauth@ietf.org
>> <mailto:oauth@ietf.org>
>> *Subject:* RE: Dynamic Client Registration: IPR Confirmation
>>
>>   
>>
>> I likewise do not hold any IPR on these specs.
>>
>> ------------------------------------------------------------------------
>>
>> *From: *Phil Hunt <mailto:phil.hunt@oracle.com>
>> *Sent: *?7/?8/?2014 9:11 AM
>> *To: *Hannes Tschofenig <mailto:hannes.tschofenig@gmx.net>
>> *Cc: *Mike Jones <mailto:Michael.Jones@microsoft.com>; John Bradley
>> <mailto:ve7jtb@ve7jtb.com>; Justin Richer <mailto:jricher@mitre.org>;
>> Maciej Machulak <mailto:m.p.machulak@ncl.ac.uk>; oauth@ietf.org
>> <mailto:oauth@ietf.org>
>> *Subject: *Re: Dynamic Client Registration: IPR Confirmation
>>
>> I confirm I have no IPR disclosures on this document.
>>
>> Phil
>>
>>> On Jul 8, 2014, at 4:54, Hannes Tschofenig <hannes.tschofenig@gmx.net <mailto:hannes.tschofenig@gmx.net>> wrote:
>>>
>>> Hi Phil, John, Maciej, Justin, Mike,
>>>
>>> I am working on the shepherd writeup for the dynamic client registration
>>> document and one item in the template requires me to indicate whether
>>> each document author has confirmed that any and all appropriate IPR
>>> disclosures required for full conformance with the provisions of BCP 78
>>> and BCP 79 have already been filed.
>>>
>>> Could you please confirm?
>>>
>>> Ciao
>>> Hannes
>>>
>>>
>
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth

v2.23.0 | Report a Bug | By Email