Re: [OAUTH-WG] New Version Notification for draft-hunt-oauth-v2-user-a4c-05.txt

Nat Sakimura <sakimura@gmail.com> Thu, 24 July 2014 15:50 UTC

From: Nat Sakimura <sakimura@gmail.com>
To: Phil Hunt <phil.hunt@oracle.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/hEj_FB6Nw5_gkRQHDghRAqY07E4
Cc: "oauth@ietf.org list" <oauth@ietf.org>

2014-07-24 10:30 GMT-04:00 Phil Hunt <phil.hunt@oracle.com>:

> I’m not at all saying that OpenID is bad. If you want an IDP, it’s fine.
> But if all a client wants is authentication, they think why can’t I just
> use RFC6749?


If all one wants is to build a simple client, there is a standing
document called OpenID Connect Basic Client Implementer's Guide 1.0.

It is a profile that deals only with the 'code' flow.
Size-wise, it is 32 pages. The breakdown is approximately as below:

Abstract, Intro, ToC - 2.5 pages
Terminology - 1.5 pages
Getting ID Token - 9 pages
ID Token Validation - 1 page (Seems missing from a4c draft?)
Userinfo Endpoint - 7 pages
Serializations - 1 page (missing in a4c?)
String Operations etc. - 1 page (missing in a4c?)
Considerations - 2 pages (very brief in a4c)
References, Acknowledgement - 2 pages
Document History etc. - 7 pages

The a4c draft is 14 pages long. It will be longer than this in the end as
it is missing a bunch of things.
The comparable portion of the Basic Client Profile is 14 pages or so.

Just one data point.

-- 
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en