Re: [OAUTH-WG] [kitten] OAuth Discovery and what the relying party needs to know

William Mills <wmills@yahoo-inc.com> Wed, 09 May 2012 18:41 UTC

References: <40FC97F0-B72C-47F4-8206-590BA365997A@gmx.net>
Message-ID: <1336588876.87117.YahooMailNeo@web31810.mail.mud.yahoo.com>
Date: Wed, 09 May 2012 11:41:16 -0700
From: William Mills <wmills@yahoo-inc.com>
To: Hannes Tschofenig <Hannes.Tschofenig@gmx.net>, "oauth@ietf.org WG" <oauth@ietf.org>, "kitten@ietf.org" <kitten@ietf.org>
In-Reply-To: <40FC97F0-B72C-47F4-8206-590BA365997A@gmx.net>
Subject: Re: [OAUTH-WG] [kitten] OAuth Discovery and what the relying party needs to know
List-Id: OAUTH WG <oauth.ietf.org>

This is going to get fun as we deal with various types of identities.  There was a suggestion at IIW that the workable way to do this for e-mail is via MX records.  What do we do for other types of IDs?




>________________________________
> From: Hannes Tschofenig <Hannes.Tschofenig@gmx.net>
>To: "oauth@ietf.org WG" <oauth@ietf.org>; kitten@ietf.org 
>Sent: Wednesday, May 9, 2012 10:50 AM
>Subject: [kitten] OAuth Discovery and what the relying party needs to know
> 
>Hi guys, 
>
>at the last IIW we had a discussion about SASL-OAuth and what the SASL server needs to know for discovery. 
>The discovery discussions around WebFinger go in the same direction. 
>
>So, I have been wondering whether we have made an informed decision about what the discovery procedure is actually supposed to look like. 
>
>In my view, the relying party (the client) only needs to know who the identity provider (the AS/RS) is. 
>
>Any other views? 
>
>Ciao
>Hannes
>
>PS: Please let me know if I should provide more background about the issue. 