Re: [OAUTH-WG] Confirmation: Call for Adoption of "OAuth Token Introspection" as an OAuth Working Group Item
Mike Jones <Michael.Jones@microsoft.com> Wed, 30 July 2014 00:16 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2A7BC1A03A9 for <oauth@ietfa.amsl.com>; Tue, 29 Jul 2014 17:16:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RJfpDR8X8opt for <oauth@ietfa.amsl.com>; Tue, 29 Jul 2014 17:16:46 -0700 (PDT)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2lp0242.outbound.protection.outlook.com [207.46.163.242]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3719C1A0104 for <oauth@ietf.org>; Tue, 29 Jul 2014 17:16:45 -0700 (PDT)
Received: from BLUPR03MB614.namprd03.prod.outlook.com (10.255.124.42) by BLUPR03MB002.namprd03.prod.outlook.com (10.255.208.36) with Microsoft SMTP Server (TLS) id 15.0.990.7; Wed, 30 Jul 2014 00:16:45 +0000
Received: from BY2PR03CA066.namprd03.prod.outlook.com (10.141.249.39) by BLUPR03MB614.namprd03.prod.outlook.com (10.255.124.42) with Microsoft SMTP Server (TLS) id 15.0.995.14; Wed, 30 Jul 2014 00:16:43 +0000
Received: from BY2FFO11FD007.protection.gbl (2a01:111:f400:7c0c::164) by BY2PR03CA066.outlook.office365.com (2a01:111:e400:2c5d::39) with Microsoft SMTP Server (TLS) id 15.0.995.14 via Frontend Transport; Wed, 30 Jul 2014 00:16:43 +0000
Received: from mail.microsoft.com (131.107.125.37) by BY2FFO11FD007.mail.protection.outlook.com (10.1.14.128) with Microsoft SMTP Server (TLS) id 15.0.990.10 via Frontend Transport; Wed, 30 Jul 2014 00:16:42 +0000
Received: from TK5EX14MBXC293.redmond.corp.microsoft.com ([169.254.2.111]) by TK5EX14HUBC107.redmond.corp.microsoft.com ([157.54.80.67]) with mapi id 14.03.0195.002; Wed, 30 Jul 2014 00:16:30 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: George Fletcher <gffletch@aol.com>, Phil Hunt <phil.hunt@oracle.com>, Thomas Broyer <t.broyer@gmail.com>
Thread-Topic: [OAUTH-WG] Confirmation: Call for Adoption of "OAuth Token Introspection" as an OAuth Working Group Item
Thread-Index: AQHPqooP3+C2DjUTZkSSZigQ7bEA65u2KzcAgAAC6YCAAXSXAIAAHpYg
Date: Wed, 30 Jul 2014 00:16:28 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739439ADF77B2@TK5EX14MBXC293.redmond.corp.microsoft.com>
References: <53D6895F.4050104@gmx.net> <CAEayHEM+pqDqv1qx=Z-qhNuYM-s2cV0z=sQb_FAJaGwcLpq_rQ@mail.gmail.com> <20A36D56-D581-4EDE-9DEA-D3F9C48AD20B@oracle.com> <53D81F2C.2060700@aol.com>
In-Reply-To: <53D81F2C.2060700@aol.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.79]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B16804296739439ADF77B2TK5EX14MBXC293r_"
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(438002)(189002)(199002)(24454002)(53754006)(164054003)(377454003)(479174003)(87936001)(26826002)(81342001)(76176999)(81542001)(64706001)(31966008)(74502001)(33656002)(44976005)(76482001)(19625215002)(54356999)(19300405004)(19580395003)(15202345003)(6806004)(93886003)(85852003)(46102001)(71186001)(15975445006)(74662001)(92566001)(2656002)(69596002)(92726001)(86362001)(20776003)(512874002)(4396001)(68736004)(16236675004)(85306003)(86612001)(97736001)(83072002)(80022001)(55846006)(106116001)(77982001)(66066001)(95666004)(106466001)(77096002)(99396002)(79102001)(21056001)(83322001)(19617315012)(84326002)(50986999)(19580405001)(107046002)(81156004)(104016003)(84676001); DIR:OUT; SFP:; SCL:1; SRVR:BLUPR03MB614; H:mail.microsoft.com; FPR:; MLV:ovrnspm; PTR:InfoDomainNonexistent; MX:1; LANG:en;
X-Microsoft-Antispam: BCL:0;PCL:0;RULEID:
X-O365ENT-EOP-Header: Message processed by - O365_ENT: Allow from ranges (Engineering ONLY)
X-Forefront-PRVS: 0288CD37D9
Received-SPF: Pass (protection.outlook.com: domain of microsoft.com designates 131.107.125.37 as permitted sender) receiver=protection.outlook.com; client-ip=131.107.125.37; helo=mail.microsoft.com;
Authentication-Results: spf=pass (sender IP is 131.107.125.37) smtp.mailfrom=Michael.Jones@microsoft.com;
X-Microsoft-Antispam: BCL:0;PCL:0;RULEID:
X-OriginatorOrg: microsoft.onmicrosoft.com
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/do6L7KR4uCs5LQ4i9eNwhEw8RPo
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Confirmation: Call for Adoption of "OAuth Token Introspection" as an OAuth Working Group Item
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Jul 2014 00:16:49 -0000
Did you consider standardizing the access token format within that deployment so all the parties that needed to could understand it, rather requiring an extra round trip to an introspection endpoint so as to be able to understand things about it? I realize that might or might not be practical in some cases, but I haven’t heard that alternative discussed, so I thought I’d bring it up. I also second Phil’s comment that it would be good to understand the use cases that this is intended to solve before embarking on a particular solution path. -- Mike From: OAuth [mailto:oauth-bounces@ietf.org] On Behalf Of George Fletcher Sent: Tuesday, July 29, 2014 3:25 PM To: Phil Hunt; Thomas Broyer Cc: oauth@ietf.org Subject: Re: [OAUTH-WG] Confirmation: Call for Adoption of "OAuth Token Introspection" as an OAuth Working Group Item We also have a use case where the AS is provided by a partner and the RS is provided by AOL. Being able to have a standardized way of validating and getting data about the token from the AS would make our implementation much simpler as we can use the same mechanism for all Authorization Servers and not have to implement one off solutions for each AS. Thanks, George On 7/28/14, 8:11 PM, Phil Hunt wrote: Could we have some discussion on the interop cases? Is it driven by scenarios where AS and resource are separate domains? Or may this be only of interest to specific protocols like UMA? From a technique principle, the draft is important and sound. I am just not there yet on the reasons for an interoperable standard. Phil On Jul 28, 2014, at 17:00, Thomas Broyer <t.broyer@gmail.com<mailto:t.broyer@gmail.com>> wrote: Yes. This spec is of special interest to the platform we're building for http://www.oasis-eu.org/ On Mon, Jul 28, 2014 at 7:33 PM, Hannes Tschofenig <hannes.tschofenig@gmx.net<mailto:hannes.tschofenig@gmx.net>> wrote: Hi all, during the IETF #90 OAuth WG meeting, there was strong consensus in adopting the "OAuth Token Introspection" (draft-richer-oauth-introspection-06.txt) specification as an OAuth WG work item. We would now like to verify the outcome of this call for adoption on the OAuth WG mailing list. Here is the link to the document: http://datatracker.ietf.org/doc/draft-richer-oauth-introspection/ If you did not hum at the IETF 90 OAuth WG meeting, and have an opinion as to the suitability of adopting this document as a WG work item, please send mail to the OAuth WG list indicating your opinion (Yes/No). The confirmation call for adoption will last until August 10, 2014. If you have issues/edits/comments on the document, please send these comments along to the list in your response to this Call for Adoption. Ciao Hannes & Derek _______________________________________________ OAuth mailing list OAuth@ietf.org<mailto:OAuth@ietf.org> https://www.ietf.org/mailman/listinfo/oauth -- Thomas Broyer /tɔ.ma.bʁwa.je/<http://xn--nna.ma.xn--bwa-xxb.je/> _______________________________________________ OAuth mailing list OAuth@ietf.org<mailto:OAuth@ietf.org> https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org<mailto:OAuth@ietf.org> https://www.ietf.org/mailman/listinfo/oauth
- [OAUTH-WG] Confirmation: Call for Adoption of "OA… Hannes Tschofenig
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Eve Maler
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Bill Mills
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Thomas Broyer
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Phil Hunt
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Justin Richer
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Phil Hunt
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Thomas Broyer
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Justin Richer
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Tirumaleswar Reddy (tireddy)
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Mark Dobrinic
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Paul Madsen
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Mike Jones
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Justin Richer
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Bill Mills
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Justin Richer
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Eve Maler
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Phil Hunt
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Thomas Broyer
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… George Fletcher
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Phil Hunt
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Mike Jones
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Thomas Broyer
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Mike Jones
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Justin Richer
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Justin Richer
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Phil Hunt
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Thomas Broyer
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Phil Hunt
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Justin Richer
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Anthony Nadalin
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Phil Hunt
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Eve Maler
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Tirumaleswar Reddy (tireddy)
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Thomas Broyer
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Sergey Beryozkin
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Sergey Beryozkin
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… John Bradley
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Sergey Beryozkin
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… John Bradley
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Sergey Beryozkin
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… George Fletcher
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… George Fletcher
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… George Fletcher
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… John Bradley
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Anthony Nadalin
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… John Bradley
- Re: [OAUTH-WG] Confirmation: Call for Adoption of… Brian Campbell