Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Wed 28 Aug, 2pm PDT: Conference Bridge Details

"Donald F Coffin" <donald.coffin@reminetworks.com> Wed, 28 August 2013 17:19 UTC

From: Donald F Coffin <donald.coffin@reminetworks.com>
To: 'Justin Richer' <jricher@mitre.org>, 'Phil Hunt' <phil.hunt@oracle.com>
Date: Wed, 28 Aug 2013 10:17:30 -0700
Cc: 'oauth mailing list' <oauth@ietf.org>

+1

Best regards,
Don
Donald F. Coffin
Founder/CTO

REMI Networks
22751 El Prado Suite 6216
Rancho Santa Margarita, CA  92688-3836

Phone:      (949) 636-8571
Email:       donald.coffin@reminetworks.com


-----Original Message-----
From: Justin Richer [mailto:jricher@mitre.org] 
Sent: Wednesday, August 28, 2013 8:42 AM
To: Phil Hunt
Cc: oauth mailing list
Subject: Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Wed 28 Aug, 2pm PDT: Conference Bridge Details

Except for the cases where you want step 1 to happen in band. To me, that is
a vitally and fundamentally important use case that we can't disregard, and
we must have a solution that can accommodate that. The notions of
"publisher" and "product" fade very quickly once you get outside of the
software vendor world.

This is, of course, not to stand in the way of other solutions or approaches
(such as something assertion based like you're after). It's not a
one-or-the-other proposition, especially when there are mutually exclusive
aspects of each.

Therefore I once again call for the WG to finish the current dynamic
registration spec *AND* pursue the assertion based process that Phil's
talking about. They're not mutually exclusive, let's please stop talking
about them like they are.

  -- Justin

On 08/28/2013 11:17 AM, Phil Hunt wrote:
> Sorry. I meant also to say I think there are 2 registration steps.
>
> 1. Software registration/approval. This often happens out of band. But in this step policy is defined that approves software for use. Many of the reg params are known here.
>
> Federation techniques come into play as trust approvals can be based on developer, product or even publisher.
>
> 2. Each instance associates in a stateless way. Only clients that need credential rotation need more.
>
> Phil
>
> On 2013-08-28, at 8:04, Phil Hunt <phil.hunt@oracle.com> wrote:
>
>> I have a conflict I cannot get out of for 2 Pacific.
>>
>> I think a certificate based approach is going to simplify exchanges in all cases. I encourage the group to explore the concept on the call.
>>
>> I am not sure breaking dyn reg up helps. It creates yet another option. I would like to explore how the federation concept in software statements can help with facilitating association and making many reg stateless.
>>
>> Phil
>>
>> On 2013-08-28, at 5:43, "Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com> wrote:
>>
>>> Here are the conference bridge / Webex details for the call today.
>>> We are going to complete the use case discussions from last time 
>>> (Phil wasn't able to walk through all slides). Justin was also able 
>>> to work out a strawman proposal based on the discussions last week 
>>> and we will have a look at it to see whether this is a suitable 
>>> compromise. Here is Justin's mail, in case you have missed it: 
>>> http://www.ietf.org/mail-archive/web/oauth/current/msg12036.html
>>>
>>> Phil, please feel free to make adjustments to your slides given Justin's recent proposal.
>>>
>>> Topic: OAuth Dynamic Client Registration
>>> Date: Wednesday, August 28, 2013
>>> Time: 2:00 pm, Pacific Daylight Time (San Francisco, GMT-07:00)
>>> Meeting Number: 703 230 586
>>> Meeting Password: oauth
>>>
>>> -------------------------------------------------------
>>> To join the online meeting
>>> -------------------------------------------------------
>>> 1. Go to https://nsn.webex.com/nsn/j.php?ED=269567657&UID=0&PW=NNTI1ZWQzMDJk&RT=MiM0
>>> 2. Enter your name and email address.
>>> 3. Enter the meeting password: oauth
>>> 4. Click "Join Now".
>>>
>>> To view in other time zones or languages, please click the link:
>>> https://nsn.webex.com/nsn/j.php?ED=269567657&UID=0&PW=NNTI1ZWQzMDJk&ORT=MiM0
>>>
>>> To add this meeting to your calendar program (for example Microsoft Outlook), click this link:
>>> https://nsn.webex.com/nsn/j.php?ED=269567657&UID=0&ICS=MI&LD=1&RD=2&ST=1&SHA2=C6-AjLGvhdYjmpVdx75M6UsAwrNLMsequ5n95Gyv1R8=&RT=MiM0
>>>
>>> -------------------------------------------------------
>>> To join the teleconference only
>>> -------------------------------------------------------
>>> Global dial-in Numbers: http://www.nokiasiemensnetworks.com/nvc
>>> Conference Code: 944 910 5485
>>>
>>>
>>> _______________________________________________
>>> OAuth mailing list
>>> OAuth@ietf.org
>>> https://www.ietf.org/mailman/listinfo/oauth