Re: [OAUTH-WG] Working Group Last Call on Dynamic Client Registration Documents

Phil Hunt <phil.hunt@oracle.com> Sun, 06 April 2014 15:26 UTC

To: Torsten Lodderstedt <torsten@lodderstedt.net>
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/frp886CGEMQMEp78kque3godk4Q
Cc: "oauth@ietf.org" <oauth@ietf.org>

Hmm. I think this issue is self-evident to the developer.

If they have obtained a client id through developer registration (current typical OAuth) they are good to go.

IOW, if you have a client id issued out of band you are good to go.

Otherwise look for dyn reg or some other method. This likely happens where clients connect to APIs and/or protocols deployed by many service providers, e.g. OIDC. An emerging example I heard at IETF London was interest in adapting OAuth to non-web protocols like SMTP, IMAP, POP and even Jabber.

Phil

> On Apr 6, 2014, at 0:59, Torsten Lodderstedt <torsten@lodderstedt.net> wrote:
> 
> I think it is at the discretion of the actual deployment whether clients may dynamically register or not (meaning they need to go through some oob mechanism). Protocols utilizing OAuth could make it part of their mandatory to implement features - in the same way OIDC does.
> 
> Best regards,
> Torsten.
>> On 06.04.2014 at 07:12, Bill Mills <wmills_92105@yahoo.com> wrote:
>> 
>> To me the fundamental question of whether a client has to be registered in each place it is used is quite significant.  We don't address the problem and have not discussed it enough.
>> 
>> -bill
>> On Friday, April 4, 2014 11:39 PM, Torsten Lodderstedt <torsten@lodderstedt.net> wrote:
>> Hi Bill,
>> 
>> which scalability problem are you referring to? As far as I remember there were issues around the management API but not the core protocol.
>> 
>> regards,
>> Torsten.
>> 
>>> On 04.04.2014 at 18:41, Bill Mills <wmills_92105@yahoo.com> wrote:
>>> 
>> 
>>> Given the fundamental scalability problem we discussed in London do we really feel we're ready?
>>> On Friday, April 4, 2014 3:07 AM, Hannes Tschofenig <hannes.tschofenig@gmx.net> wrote:
>>> Hi all,
>>> 
>>> This is a Last Call for comments on the dynamic client registration
>>> documents:
>>> 
>>> * OAuth 2.0 Dynamic Client Registration Core Protocol
>>> http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-16
>>> 
>>> * OAuth 2.0 Dynamic Client Registration Metadata
>>> http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-metadata-00
>>> 
>>> Since we have to do the last call for these two documents together we
>>> are setting the call for **3 weeks**.
>>> 
>>> Please have your comments in no later than April 25th.
>>> 
>>> Ciao
>>> Hannes & Derek
>>> 
>>> _______________________________________________
>>> OAuth mailing list
>>> OAuth@ietf.org
>>> https://www.ietf.org/mailman/listinfo/oauth