Re: [OAUTH-WG] Working Group Versions of Refactored OAuth Dynamic Client Registration Specs

"Richer, Justin P." <jricher@mitre.org> Thu, 06 March 2014 18:47 UTC

Return-Path: <jricher@mitre.org>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AFE5C1A0084 for <oauth@ietfa.amsl.com>; Thu, 6 Mar 2014 10:47:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.746
X-Spam-Level:
X-Spam-Status: No, score=-4.746 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.547] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i-8AApE4XjXI for <oauth@ietfa.amsl.com>; Thu, 6 Mar 2014 10:47:11 -0800 (PST)
Received: from smtpksrv1.mitre.org (smtpksrv1.mitre.org [198.49.146.77]) by ietfa.amsl.com (Postfix) with ESMTP id CC3561A00E3 for <oauth@ietf.org>; Thu, 6 Mar 2014 10:47:10 -0800 (PST)
Received: from smtpksrv1.mitre.org (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id 5F1381F05BE; Thu, 6 Mar 2014 13:47:06 -0500 (EST)
Received: from IMCCAS04.MITRE.ORG (imccas04.mitre.org [129.83.29.81]) by smtpksrv1.mitre.org (Postfix) with ESMTP id 4487C1F05B7; Thu, 6 Mar 2014 13:47:06 -0500 (EST)
Received: from IMCMBX01.MITRE.ORG ([169.254.1.95]) by IMCCAS04.MITRE.ORG ([129.83.29.81]) with mapi id 14.03.0174.001; Thu, 6 Mar 2014 13:47:05 -0500
From: "Richer, Justin P." <jricher@mitre.org>
To: Anthony Nadalin <tonynad@microsoft.com>, Mike Jones <Michael.Jones@microsoft.com>, "oauth@ietf.org list" <oauth@ietf.org>
Thread-Topic: Working Group Versions of Refactored OAuth Dynamic Client Registration Specs
Thread-Index: Ac8kNnz3PF/lDi5zTKOXOi6a7z33lwVFgm5QAAIciaAABcin8Q==
Date: Thu, 6 Mar 2014 18:47:04 +0000
Message-ID: <B33BFB58CCC8BE4998958016839DE27E4C180B4F@IMCMBX01.MITRE.ORG>
References: <4E1F6AAD24975D4BA5B16804296739438B1882D3@TK5EX14MBXC288.redmond.corp.microsoft.com> <532782efb0bd4dd8b69e26905d5250a1@BLUPR03MB309.namprd03.prod.outlook.com>, <370d79ce16e24a4997ac444591829e35@BLUPR03MB309.namprd03.prod.outlook.com>
In-Reply-To: <370d79ce16e24a4997ac444591829e35@BLUPR03MB309.namprd03.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [129.83.31.52]
Content-Type: multipart/alternative; boundary="_000_B33BFB58CCC8BE4998958016839DE27E4C180B4FIMCMBX01MITREOR_"
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/hvpJGAXC-OXKQhXFdPP2OG1rt4o
Subject: Re: [OAUTH-WG] Working Group Versions of Refactored OAuth Dynamic Client Registration Specs
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Mar 2014 18:47:14 -0000

Neither registration_access_token nor registration_client_uri are mentioned in core-16. They're both required in the management draft, and it makes sense there. If you're not implementing the management draft (or you've got your own thing for that), then you don't return either of them.

 -- Justin

________________________________
From: OAuth [oauth-bounces@ietf.org] on behalf of Anthony Nadalin [tonynad@microsoft.com]
Sent: Thursday, March 06, 2014 11:00 AM
To: Anthony Nadalin; Mike Jones; oauth@ietf.org list
Subject: Re: [OAUTH-WG] Working Group Versions of Refactored OAuth Dynamic Client Registration Specs

Same is true for the registration_client_uri as I may not need/want this, should be optional

From: OAuth [mailto:oauth-bounces@ietf.org] On Behalf Of Anthony Nadalin
Sent: Thursday, March 6, 2014 7:02 AM
To: Mike Jones; oauth@ietf.org list
Subject: Re: [OAUTH-WG] Working Group Versions of Refactored OAuth Dynamic Client Registration Specs

So the current core makes the registration_access_token  required and there are open registration endpoints, so this should be optional, there are also cases where the client_id is signed and that becomes the right to the registration endpoint

From: OAuth [mailto:oauth-bounces@ietf.org] On Behalf Of Mike Jones
Sent: Friday, February 7, 2014 10:58 AM
To: oauth@ietf.org<mailto:oauth@ietf.org> list
Subject: [OAUTH-WG] Working Group Versions of Refactored OAuth Dynamic Client Registration Specs

There are now OAuth working group<http://datatracker.ietf.org/wg/oauth/> versions of the refactored OAuth Dynamic Client Registration specifications:

·         OAuth 2.0 Dynamic Client Registration Core Protocol

·         OAuth 2.0 Dynamic Client Registration Metadata

·         OAuth 2.0 Dynamic Client Registration Management Protocol

These versions address review comments by Phil Hunt and Tony Nadalin.  Phil is now also an author.  The data structures and messages used are the same as the previous versions<http://self-issued.info/?p=1171>.

The drafts are available at:

·         http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-16

·         http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-metadata-00

·         http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-management-00

HTML formatted versions are also available at:

·         https://self-issued.info/docs/draft-ietf-oauth-dyn-reg-16.html

·         https://self-issued.info/docs/draft-ietf-oauth-dyn-reg-metadata-00.html

·         https://self-issued.info/docs/draft-ietf-oauth-dyn-reg-management-00.html

                                                            -- Mike

P.S.  I also posted this notice at http://self-issued.info/?p=1180 and as @selfissued.