Re: [OAUTH-WG] Rechartering

Torsten Lodderstedt <torsten@lodderstedt.net> Sun, 12 September 2010 06:40 UTC

Return-Path: <torsten@lodderstedt.net>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 29C653A686B for <oauth@core3.amsl.com>; Sat, 11 Sep 2010 23:40:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.102
X-Spam-Level:
X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5 tests=[AWL=0.147, BAYES_00=-2.599, HELO_EQ_DE=0.35]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oF8Csp59DSz8 for <oauth@core3.amsl.com>; Sat, 11 Sep 2010 23:40:23 -0700 (PDT)
Received: from smtprelay03.ispgateway.de (smtprelay03.ispgateway.de [80.67.31.26]) by core3.amsl.com (Postfix) with ESMTP id C0F1F3A6884 for <oauth@ietf.org>; Sat, 11 Sep 2010 23:40:22 -0700 (PDT)
Received: from p4ffd11ed.dip.t-dialin.net ([79.253.17.237] helo=[127.0.0.1]) by smtprelay03.ispgateway.de with esmtpa (Exim 4.68) (envelope-from <torsten@lodderstedt.net>) id 1OugF5-0005RR-QO; Sun, 12 Sep 2010 08:40:47 +0200
Message-ID: <4C8C75EB.50800@lodderstedt.net>
Date: Sun, 12 Sep 2010 08:40:43 +0200
From: Torsten Lodderstedt <torsten@lodderstedt.net>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; de; rv:1.9.2.8) Gecko/20100802 Thunderbird/3.1.2
MIME-Version: 1.0
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>
References: <4C8C17F9.9050908@gmx.net> <4C8C1BA1.1020902@gmx.net>
In-Reply-To: <4C8C1BA1.1020902@gmx.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Df-Sender: 141509
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] Rechartering
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Sep 2010 06:40:24 -0000

  Hannes,

what about discovery?

"Recommendations of commonly used Scope values" sounds to weak from my 
point of view. I would rather suggest to work towards a clear definition 
of scope syntax and semantics, including resource server identification.

Please note, I submitted a I-D on token revocation 
(https://datatracker.ietf.org/doc/draft-lodderstedt-oauth-revocation/) I 
would like to become a WG item.

regards,
Torsten.

Am 12.09.2010 02:15, schrieb Hannes Tschofenig:
> I forgot an item already, namely 'identity management using OAuth' in 
> the style of OpenID Connect.
>
> At IIW we also had a chat about an implementers guide and 
> interoperability tests. The idea of the implementers guide is create a 
> living document that captures implementation experience with different 
> programming languages and development frameworks. It was also expected 
> that implementers will bundle different profiles and different 
> extensions in their implementation and it would be useful to describe 
> their experience.
>
> In any case, I think both items are important.
>
> Ciao
> Hannes
>
> On 11.09.2010 19:59, Hannes Tschofenig wrote:
>> Hi all,
>>
>> at the Washington Internet Identity Workshop we had the chance to chat
>> about OAuth. Given the progress on the main specification we should
>> discuss WG re-chartering.
>>
>> The following items had been proposed at the meeting:
>>
>> * Messaging Signing
>> Example: 
>> http://www.ietf.org/mail-archive/web/oauth/current/msg04250.html
>>
>> * User Experience Extensions
>> Example: http://datatracker.ietf.org/doc/draft-recordon-oauth-v2-ux/
>>
>> * Artifact Binding
>> Example: http://datatracker.ietf.org/doc/draft-sakimura-oauth-requrl/
>>
>> * SAML for OAuth
>> Example: http://datatracker.ietf.org/doc/draft-campbell-oauth-saml/
>>
>> * Recommendations of commonly used Scope values
>> No draft available (to my knowledge)
>>
>> * Dynamic Client Registration
>> Example: http://www.ietf.org/id/draft-oauth-dyn-reg-v1-00.txt
>>
>> I am interested to hear
>> a) what items are important for you; we cannot work on everything at the
>> same time.
>> b) what items are you willing to co-author (requires a hard time
>> commitment)
>> c) what items are you willing to review
>> d) whether we should consider other items?
>>
>> Btw, to have your work considered you have to submit an IETF draft.
>> Please use the Web tool to upload it:
>> https://datatracker.ietf.org/idst/upload.cgi
>> Also use the following filename convention:
>> draft-[author last name]-oauth-[some short name]-[version#].txt
>>
>> Ciao
>> Hannes
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth