IETF Logo Mail Archive

Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-device-flow-04.txt

Brian Campbell <bcampbell@pingidentity.com> Thu, 02 March 2017 22:50 UTC

Return-Path: <bcampbell@pingidentity.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F778128874 for <oauth@ietfa.amsl.com>; Thu, 2 Mar 2017 14:50:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pingidentity.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WrV4OH1SfoA3 for <oauth@ietfa.amsl.com>; Thu, 2 Mar 2017 14:50:04 -0800 (PST)
Received: from mail-yw0-x231.google.com (mail-yw0-x231.google.com [IPv6:2607:f8b0:4002:c05::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 00E1C127A90 for <oauth@ietf.org>; Thu, 2 Mar 2017 14:50:04 -0800 (PST)
Received: by mail-yw0-x231.google.com with SMTP id o4so7658409ywd.3 for <oauth@ietf.org>; Thu, 02 Mar 2017 14:50:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=gmail; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=kiYiYzJBZx1Cnz8LE3tOtiFPIHlTRf0m2QJGt+5qL4U=; b=bJfXiCZC/ZTupVPZaXK4NoC0XtIUGgLcvpzc0Gs2/CxNzEu2zLtQ5BCLWbnM+ITE8f fiszVfYqNv02/V8jYDCrVv3kBWVQo1BRNtHVgvRzw9c1JuSr2BpNBMalr9zoQrOQH8/1 GTXfuN9y0WqAmq+5nDAC8z5cAzJft2AxSPhZE=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=kiYiYzJBZx1Cnz8LE3tOtiFPIHlTRf0m2QJGt+5qL4U=; b=hCPG3eNhieaDcRvjS6sQ6jkB7iHdCeVnXAqOwiACbM7av6fMFnn9fgjqJKzOX7enor xoGSZoefTA/N709ePgBP1QdGLlN7FBftB7RxUPLq8RUXEFfbyELLrTuB+cOsh7wmW1tm LokOLGqyAoHffD8h4uB7n0VMnNikJDQS63w5J0Abw0Dvn3gYGY7cNSI6neBX3zCFJNMe 3Clhzq63cFMueDxAlKYn0eaOuCZttBZE/jp/zasVwR9+gtU2bIQ306uHPbn5jsllsYg5 aEeHvfqXLFm10m4A2BFA2nHZqjxluxP8HFM7Q4POQ5E+BJ4prhNtFj01OhkqIxjnLl10 LXhA==
X-Gm-Message-State: AMke39l8SMH9S/mvUD2r1zgRVjeWbLHlO0f4Yh5vsch3D6Pl7MRPgEkNssb/wthxAZbQbH2DP1d93lXySYFtdTuG
X-Received: by 10.37.78.195 with SMTP id c186mr6402832ybb.180.1488495003095; Thu, 02 Mar 2017 14:50:03 -0800 (PST)
MIME-Version: 1.0
Received: by 10.37.43.4 with HTTP; Thu, 2 Mar 2017 14:49:32 -0800 (PST)
In-Reply-To: <CAAP42hBGV7gCpr9xYvcTR+xq_XRDdFE6TY7WX+Sar+p+XeUgRw@mail.gmail.com>
References: <148821758095.21176.8129728266233946666.idtracker@ietfa.amsl.com> <CAAP42hBGV7gCpr9xYvcTR+xq_XRDdFE6TY7WX+Sar+p+XeUgRw@mail.gmail.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Thu, 02 Mar 2017 15:49:32 -0700
Message-ID: <CA+k3eCRf4yyn-Wa=tYPOocRSVtiMz7dJp3bF0S2KVB03bTp9PA@mail.gmail.com>
To: William Denniss <wdenniss@google.com>
Content-Type: multipart/alternative; boundary="001a113e88fae8f2dd0549c73f8f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/l8JYlhoDhiI4KG98-zK9r9qyO1I>
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-device-flow-04.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Mar 2017 22:50:06 -0000

Two little nits about endpoint naming:

Section 2
<https://tools.ietf.org/html/draft-ietf-oauth-device-flow-04#section-2>
defines "device endpoint", which is used in the document everywhere except
the new metadata sections (section 4
<https://tools.ietf.org/html/draft-ietf-oauth-device-flow-04#section-4> and
7.3.1
<https://tools.ietf.org/html/draft-ietf-oauth-device-flow-04#section-7.3.1>)
that use the term "device authorization endpoint.", Not a big deal but
potentially a little confusing.

The example in section 3.1
<https://tools.ietf.org/html/draft-ietf-oauth-device-flow-04#section-3.1>
is supposed to be showing a POST to the device endpoint but the Request-URI
in the Request-Line is "/token", which *could* be the device endpoint but
is probably just a copy/paste error and source of unneeded confusion.



On Mon, Feb 27, 2017 at 11:14 AM, William Denniss <wdenniss@google.com>
wrote:

> My coauthors and I posted draft 04 of the OAuth 2.0 Device Flow for
> Browserless and Input Constrained Devices draft today.
>
> Key changes:
>
>    1. Title updated to reflect specificity of devices that use this flow.
>    2. User interaction section expanded.
>    3. OAuth 2.0 Metadata
>    <https://tools.ietf.org/html/draft-ietf-oauth-discovery> for the
>    device authorization endpoint added.
>    4. User interaction section expanded.
>    5. Security Considerations section added.
>    6. Usability Considerations section added.
>
> Please give it a look!
>
> On Mon, Feb 27, 2017 at 9:46 AM, <internet-drafts@ietf.org> wrote:
>
>>
>> A New Internet-Draft is available from the on-line Internet-Drafts
>> directories.
>> This draft is a work item of the Web Authorization Protocol of the IETF.
>>
>>         Title           : OAuth 2.0 Device Flow for Browserless and Input
>> Constrained Devices
>>         Authors         : William Denniss
>>                           John Bradley
>>                           Michael B. Jones
>>                           Hannes Tschofenig
>>         Filename        : draft-ietf-oauth-device-flow-04.txt
>>         Pages           : 15
>>         Date            : 2017-02-27
>>
>> Abstract:
>>    This OAuth 2.0 authorization flow for browserless and input
>>    constrained devices, often referred to as the device flow, enables
>>    OAuth clients to request user authorization from devices that have an
>>    Internet connection, but don't have an easy input method (such as a
>>    smart TV, media console, picture frame, or printer), or lack a
>>    suitable browser for a more traditional OAuth flow.  This
>>    authorization flow instructs the user to perform the authorization
>>    request on a secondary device, such as a smartphone.  There is no
>>    requirement for communication between the constrained device and the
>>    user's secondary device.
>>
>>
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-oauth-device-flow/
>>
>> There's also a htmlized version available at:
>> https://tools.ietf.org/html/draft-ietf-oauth-device-flow-04
>>
>> A diff from the previous version is available at:
>> https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-device-flow-04
>>
>>
>> Please note that it may take a couple of minutes from the time of
>> submission
>> until the htmlized version and diff are available at tools.ietf.org.
>>
>> Internet-Drafts are also available by anonymous FTP at:
>> ftp://ftp.ietf.org/internet-drafts/
>>
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>>
>
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>
>

v2.23.0 | Report a Bug | By Email