[OAUTH-WG] Re: DNS Handles
Warren Parad <wparad@rhosys.ch> Tue, 21 January 2025 19:43 UTC
Return-Path: <wparad@rhosys.ch>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 44017C151068 for <oauth@ietfa.amsl.com>; Tue, 21 Jan 2025 11:43:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rhosys.ch
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4ZbNEkO0mbjb for <oauth@ietfa.amsl.com>; Tue, 21 Jan 2025 11:43:55 -0800 (PST)
Received: from mail-ed1-x52e.google.com (mail-ed1-x52e.google.com [IPv6:2a00:1450:4864:20::52e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 446BCC14F6A1 for <oauth@ietf.org>; Tue, 21 Jan 2025 11:43:55 -0800 (PST)
Received: by mail-ed1-x52e.google.com with SMTP id 4fb4d7f45d1cf-5da12190e75so12388831a12.1 for <oauth@ietf.org>; Tue, 21 Jan 2025 11:43:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rhosys.ch; s=google2024; t=1737488634; x=1738093434; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=Kqr7jvuw1USBjElDew40GA/GlJHg9RHeWVOiZSEtFf0=; b=Mc3Dp3SGOnfJm4YH5TzmaiuTO+cYvKrrs4Ixv95SuS8mEkBYEopp7j/rIszuZqiuuI 7X2F9tfBRk41ujl6Z1h/V7pUyFqE+kG8pcdtgtNmYRv3QzrHqZtCdPVEF9kRYaKfE5Zr 1nPUUC1gXjY2dz+Qh9GkQMYJK75RgWlHDiFkB+XoqnModETmgnlz/rJaVcs7SasnXN68 qaWyR3OX8sLwcda85vr5znX7XMVcpwwJ2LCabCL38fcyAnd/lDyLwyO9BntJcJCoRui0 Dmvw6eAcz0zvRtuvXWfsWRaxR9crqcHKY/lHdaTFuNF3175TlMNfnaEDvaR9fQMpWzS6 Yq0g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737488634; x=1738093434; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Kqr7jvuw1USBjElDew40GA/GlJHg9RHeWVOiZSEtFf0=; b=vYS+2oon5vStFwh0RlJ0L5ct7jXjNh6hBYU+iri2W2zfO0QM/TiOqqBrZRcRZiBvsO bwKXJiKIv/m5zuV7oLCWXTvfV2QZ0q084ky1FcGsvtoHX7rnKcRXEIIO34jCa1tROJ9t 7itRY1r1Ua9jBG9rclWD1S+tkyjVclVHB1d6jE2PAVT01I+i8hsJDYaOSgGXkJLERh4T SFOdrN5wm+BL/4t7mX2SELeN53EtHW4MYTWn2udaAz9ggRWnI9LMTo6yaTaHgcp8sUir TC9DT4e5/t6K4IzHhjBYEDcRgPxgj2JHnEdA/kYFMhAootYvyFgC/OmH0LSZ6mBdhCPf tZ+A==
X-Forwarded-Encrypted: i=1; AJvYcCU0IpNlOE68ieyGH5xE37JKb2s8U5r19YiCmcKXBjOuRfu6f1UCYVYqE6+xwSb4Sc252G0pKg==@ietf.org
X-Gm-Message-State: AOJu0YzZBapqOrgNpP4LEEAXIM2xixpJO/mhRD+LeW8b93Dgf8GClukF ty+onSmM0dqPC+ka+c7WHAlhYNB+v1sZL07fHhV6sjb6hC0Tu60OHCHpxv3UxEePuJtORlAro0S ohHzf4SvF9aVxqfPzaQ9tlXHj4sN6rhyNLFSW
X-Gm-Gg: ASbGncsGGub83WvTxrob7BKgfQSjaW4gD9sqdNTHZRHjlnlKj+0ol1b4eDY468Qy13y 8Gie2nJYY6+S6cr+n7p1OXbU4gkqcPY2yjOFTdkFVZTM/PyCY0pE=
X-Google-Smtp-Source: AGHT+IHEWFGW30yTdWDLHA+blGoU5PcMkfHX53kCPQttWnyBECZZco8yt2rkPvY6pozvZSL+Fu9MAPNMFSIE5XA8zjM=
X-Received: by 2002:a05:6402:278f:b0:5d9:b50e:7008 with SMTP id 4fb4d7f45d1cf-5db7d2f8c49mr16359724a12.8.1737488633706; Tue, 21 Jan 2025 11:43:53 -0800 (PST)
MIME-Version: 1.0
References: <CAMm+Lwgykk+B2UspfXBcLipFiTifNBf-WG-DeXPpWT39syqqVg@mail.gmail.com> <CAD9ie-tYsCODGfNTBDZgr46s4O4B9-u79jR=G10y4sN5HBiKgQ@mail.gmail.com> <CAMm+Lwje3G7EPkapFfVksbNtPN11LOs7Gj3Jj09uuFyvAb4FRQ@mail.gmail.com> <CAJot-L06J-T7vK2FJY4JGFQj4Zu=xFyNnKpnNM2SktCpOuTDKw@mail.gmail.com> <CAMm+Lwg+OizX_+bW7gkFqE3S6OGdF=h=7hpMSgnREWiqawiA5g@mail.gmail.com>
In-Reply-To: <CAMm+Lwg+OizX_+bW7gkFqE3S6OGdF=h=7hpMSgnREWiqawiA5g@mail.gmail.com>
From: Warren Parad <wparad@rhosys.ch>
Date: Tue, 21 Jan 2025 20:43:42 +0100
X-Gm-Features: AbW1kvYSAuWoahnp5rTf2TRFpEHDGH2LAkUImccmwQZwGxhuAlmcdXcNKNaoFlg
Message-ID: <CAJot-L1rbkYg3rooqLrWw5StrqJMFZp7puc4GK+ACOqPtVbaig@mail.gmail.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>
Content-Type: multipart/alternative; boundary="000000000000d05478062c3c98a8"
Message-ID-Hash: KBYGBPFS5L7UOIWD3ZWPSTITZRBWIBXS
X-Message-ID-Hash: KBYGBPFS5L7UOIWD3ZWPSTITZRBWIBXS
X-MailFrom: wparad@rhosys.ch
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Dick.Hardt@gmail.com, oauth@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [OAUTH-WG] Re: DNS Handles
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/k_Pd3TvqwYRep0Azrp2jIFIH_9U>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>
> > The only thing lacking is a base of authentication service providers that > are willing to give users control. As someone who works for one of those "authentication service providers", what exactly would we need to support that we don't already? On Tue, Jan 21, 2025 at 8:35 PM Phillip Hallam-Baker <phill@hallambaker.com> wrote: > On Tue, Jan 21, 2025 at 2:20 PM Warren Parad <wparad@rhosys.ch> wrote: > >> I think you are still describing exactly what OAuth does, also FedCM >> helps a lot there, and I hate to say it but if this is the argument: >> > > That is exactly what I am saying: OAuth solved the problem a decade ago > and nobody noticed. > > The challenge now is to get people to notice and get the wider web to > realize that there is a better approach. > > Back in 1992, Tim Berners-Lee submitted a paper on the World Wide Web to > the Hypertext conference. It was rejected because there was 'nothing new'. > In 1993, they asked him to give the conference keynote. > > The 'innovation' in the Web was limited to removing search and referential > transparency from the document server. What that means is you can find > stuff and the links don't break. Ted Nelson considered those features > absolutely essential but they were an enormous burden on the services. > > > As someone who wants to allow people to comment on my personal blog, using > OAuth with DNS handles removes a huge amount of overhead: > > * Registering usernames and passwords. > * Verifying passwords. > * Verifying recovery email addresses. > * Account recovery. > > This approach is a win for users and a win for Web site maintainers. The > only thing lacking is a base of authentication service providers that are > willing to give users control. > >
- [OAUTH-WG] DNS Handles Phillip Hallam-Baker
- [OAUTH-WG] Re: DNS Handles Warren Parad
- [OAUTH-WG] Re: DNS Handles Phillip Hallam-Baker
- [OAUTH-WG] Re: DNS Handles Aaron Parecki
- [OAUTH-WG] Re: DNS Handles Dick Hardt
- [OAUTH-WG] Re: DNS Handles Warren Parad
- [OAUTH-WG] Re: DNS Handles Phillip Hallam-Baker
- [OAUTH-WG] Re: DNS Handles Warren Parad
- [OAUTH-WG] Re: DNS Handles Phillip Hallam-Baker
- [OAUTH-WG] Re: DNS Handles Warren Parad
- [OAUTH-WG] Re: DNS Handles Phillip Hallam-Baker
- [OAUTH-WG] Re: DNS Handles Warren Parad
- [OAUTH-WG] Re: DNS Handles Phillip Hallam-Baker
- [OAUTH-WG] Re: DNS Handles Aaron Parecki
- [OAUTH-WG] Re: DNS Handles Phillip Hallam-Baker
- [OAUTH-WG] Re: DNS Handles Dick Hardt
- [OAUTH-WG] Re: DNS Handles Phillip Hallam-Baker
- [OAUTH-WG] Re: DNS Handles Dick Hardt
- [OAUTH-WG] Re: DNS Handles Phillip Hallam-Baker
- [OAUTH-WG] Re: DNS Handles Sam Goto
- [OAUTH-WG] Re: DNS Handles Thomas Broyer
- [OAUTH-WG] Re: DNS Handles Dick Hardt
- [OAUTH-WG] Re: DNS Handles Aaron Parecki
- [OAUTH-WG] Re: DNS Handles Vladimir Dzhuvinov / Connect2id
- [OAUTH-WG] Re: DNS Handles Phillip Hallam-Baker
- [OAUTH-WG] Re: DNS Handles Pawel Kowalik