[OAUTH-WG] What are the OAuth design principles?

Eve Maler <eve@xmlgrrl.com> Mon, 22 March 2010 23:00 UTC

Since the discussion in the "OAuth after-party" seemed to warrant bringing it up, I mentioned the UMA design principles/requirements document.  You can find it here:

http://kantarainitiative.org/confluence/display/uma/UMA+Requirements

The discussion is around "Why can't Kerberos just be used for your use cases?"  The UMA principles might be able to inform how the OAuth WG makes its case for why Kerberos doesn't suffice.  (If we discover it does, hey, our work here is done. :-)

	Eve

Eve Maler
eve@xmlgrrl.com
http://www.xmlgrrl.com/blog