Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-device-flow-04.txt
Brian Campbell <bcampbell@pingidentity.com> Thu, 02 March 2017 22:50 UTC
Return-Path: <bcampbell@pingidentity.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F778128874 for <oauth@ietfa.amsl.com>; Thu, 2 Mar 2017 14:50:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pingidentity.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WrV4OH1SfoA3 for <oauth@ietfa.amsl.com>; Thu, 2 Mar 2017 14:50:04 -0800 (PST)
Received: from mail-yw0-x231.google.com (mail-yw0-x231.google.com [IPv6:2607:f8b0:4002:c05::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 00E1C127A90 for <oauth@ietf.org>; Thu, 2 Mar 2017 14:50:04 -0800 (PST)
Received: by mail-yw0-x231.google.com with SMTP id o4so7658409ywd.3 for <oauth@ietf.org>; Thu, 02 Mar 2017 14:50:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=gmail; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=kiYiYzJBZx1Cnz8LE3tOtiFPIHlTRf0m2QJGt+5qL4U=; b=bJfXiCZC/ZTupVPZaXK4NoC0XtIUGgLcvpzc0Gs2/CxNzEu2zLtQ5BCLWbnM+ITE8f fiszVfYqNv02/V8jYDCrVv3kBWVQo1BRNtHVgvRzw9c1JuSr2BpNBMalr9zoQrOQH8/1 GTXfuN9y0WqAmq+5nDAC8z5cAzJft2AxSPhZE=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=kiYiYzJBZx1Cnz8LE3tOtiFPIHlTRf0m2QJGt+5qL4U=; b=hCPG3eNhieaDcRvjS6sQ6jkB7iHdCeVnXAqOwiACbM7av6fMFnn9fgjqJKzOX7enor xoGSZoefTA/N709ePgBP1QdGLlN7FBftB7RxUPLq8RUXEFfbyELLrTuB+cOsh7wmW1tm LokOLGqyAoHffD8h4uB7n0VMnNikJDQS63w5J0Abw0Dvn3gYGY7cNSI6neBX3zCFJNMe 3Clhzq63cFMueDxAlKYn0eaOuCZttBZE/jp/zasVwR9+gtU2bIQ306uHPbn5jsllsYg5 aEeHvfqXLFm10m4A2BFA2nHZqjxluxP8HFM7Q4POQ5E+BJ4prhNtFj01OhkqIxjnLl10 LXhA==
X-Gm-Message-State: AMke39l8SMH9S/mvUD2r1zgRVjeWbLHlO0f4Yh5vsch3D6Pl7MRPgEkNssb/wthxAZbQbH2DP1d93lXySYFtdTuG
X-Received: by 10.37.78.195 with SMTP id c186mr6402832ybb.180.1488495003095; Thu, 02 Mar 2017 14:50:03 -0800 (PST)
MIME-Version: 1.0
Received: by 10.37.43.4 with HTTP; Thu, 2 Mar 2017 14:49:32 -0800 (PST)
In-Reply-To: <CAAP42hBGV7gCpr9xYvcTR+xq_XRDdFE6TY7WX+Sar+p+XeUgRw@mail.gmail.com>
References: <148821758095.21176.8129728266233946666.idtracker@ietfa.amsl.com> <CAAP42hBGV7gCpr9xYvcTR+xq_XRDdFE6TY7WX+Sar+p+XeUgRw@mail.gmail.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Thu, 02 Mar 2017 15:49:32 -0700
Message-ID: <CA+k3eCRf4yyn-Wa=tYPOocRSVtiMz7dJp3bF0S2KVB03bTp9PA@mail.gmail.com>
To: William Denniss <wdenniss@google.com>
Content-Type: multipart/alternative; boundary="001a113e88fae8f2dd0549c73f8f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/l8JYlhoDhiI4KG98-zK9r9qyO1I>
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-device-flow-04.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Mar 2017 22:50:06 -0000
Two little nits about endpoint naming: Section 2 <https://tools.ietf.org/html/draft-ietf-oauth-device-flow-04#section-2> defines "device endpoint", which is used in the document everywhere except the new metadata sections (section 4 <https://tools.ietf.org/html/draft-ietf-oauth-device-flow-04#section-4> and 7.3.1 <https://tools.ietf.org/html/draft-ietf-oauth-device-flow-04#section-7.3.1>) that use the term "device authorization endpoint.", Not a big deal but potentially a little confusing. The example in section 3.1 <https://tools.ietf.org/html/draft-ietf-oauth-device-flow-04#section-3.1> is supposed to be showing a POST to the device endpoint but the Request-URI in the Request-Line is "/token", which *could* be the device endpoint but is probably just a copy/paste error and source of unneeded confusion. On Mon, Feb 27, 2017 at 11:14 AM, William Denniss <wdenniss@google.com> wrote: > My coauthors and I posted draft 04 of the OAuth 2.0 Device Flow for > Browserless and Input Constrained Devices draft today. > > Key changes: > > 1. Title updated to reflect specificity of devices that use this flow. > 2. User interaction section expanded. > 3. OAuth 2.0 Metadata > <https://tools.ietf.org/html/draft-ietf-oauth-discovery> for the > device authorization endpoint added. > 4. User interaction section expanded. > 5. Security Considerations section added. > 6. Usability Considerations section added. > > Please give it a look! > > On Mon, Feb 27, 2017 at 9:46 AM, <internet-drafts@ietf.org> wrote: > >> >> A New Internet-Draft is available from the on-line Internet-Drafts >> directories. >> This draft is a work item of the Web Authorization Protocol of the IETF. >> >> Title : OAuth 2.0 Device Flow for Browserless and Input >> Constrained Devices >> Authors : William Denniss >> John Bradley >> Michael B. Jones >> Hannes Tschofenig >> Filename : draft-ietf-oauth-device-flow-04.txt >> Pages : 15 >> Date : 2017-02-27 >> >> Abstract: >> This OAuth 2.0 authorization flow for browserless and input >> constrained devices, often referred to as the device flow, enables >> OAuth clients to request user authorization from devices that have an >> Internet connection, but don't have an easy input method (such as a >> smart TV, media console, picture frame, or printer), or lack a >> suitable browser for a more traditional OAuth flow. This >> authorization flow instructs the user to perform the authorization >> request on a secondary device, such as a smartphone. There is no >> requirement for communication between the constrained device and the >> user's secondary device. >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-ietf-oauth-device-flow/ >> >> There's also a htmlized version available at: >> https://tools.ietf.org/html/draft-ietf-oauth-device-flow-04 >> >> A diff from the previous version is available at: >> https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-device-flow-04 >> >> >> Please note that it may take a couple of minutes from the time of >> submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > >
- [OAUTH-WG] I-D Action: draft-ietf-oauth-device-fl… internet-drafts
- Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-devic… William Denniss
- Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-devic… Brian Campbell
- Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-devic… William Denniss