IETF Logo Mail Archive

[OAUTH-WG] (no subject)

"RFC ISE (Adrian Farrel)" <rfc-ise@rfc-editor.org> Mon, 15 February 2021 18:57 UTC

Return-Path: <rfc-ise@rfc-editor.org>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 342733A0FE8; Mon, 15 Feb 2021 10:57:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.002
X-Spam-Level:
X-Spam-Status: No, score=0.002 tagged_above=-999 required=5 tests=[RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NoHJDUDDFY96; Mon, 15 Feb 2021 10:57:01 -0800 (PST)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DFD063A0FDC; Mon, 15 Feb 2021 10:57:01 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by rfc-editor.org (Postfix) with ESMTP id F2B80F4070D; Mon, 15 Feb 2021 10:56:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at rfc-editor.org
Received: from rfc-editor.org ([127.0.0.1]) by localhost (rfcpa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RBPo4OnhUkYu; Mon, 15 Feb 2021 10:56:55 -0800 (PST)
Received: from www.rfc-editor.org (localhost [127.0.0.1]) by rfc-editor.org (Postfix) with ESMTP id 827E0F406CD; Mon, 15 Feb 2021 10:56:55 -0800 (PST)
Received: from 84.92.155.108 (SquirrelMail authenticated user rfcpise) by www.rfc-editor.org with HTTP; Mon, 15 Feb 2021 10:56:55 -0800
Message-ID: <1e5f0e825a2580f68c92aa5a1d798090.squirrel@www.rfc-editor.org>
Date: Mon, 15 Feb 2021 10:56:55 -0800
From: "RFC ISE (Adrian Farrel)" <rfc-ise@rfc-editor.org>
To: oauth@ietf.org
Cc: Adrian Farrel <rfc-ise@rfc-editor.org>, draft-ideskog-assisted-token@ietf.org
Reply-To: rfc-ise@rfc-editor.org
User-Agent: SquirrelMail/1.4.21
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/n_qxQb2qirVzc8fFLf8tZzxGAz4>
Subject: [OAUTH-WG] (no subject)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Feb 2021 18:57:03 -0000

Hi OAuth,

The authors of draft-ideskog-assisted-token [1] have approached me
requesting that the draft be published as an Informational RFC in the
Independent Submission Stream [2].

The draft extends the OAuth 2.0 framework to include an additional
authorization flow for single page applications called the assisted token
flow. It is intended to enable OAuth clients that are written in scripting
languages (such as JavaScript) to request user authorization using a
simplified method. Communication leverages HTML's iframe element, child
windows, and the postMessage interface. This communication is done using
an additional endpoint, the assisted token endpoint.

It is clear to me that this work could be in scope for OAuth and I want to
be sure that both:
- there is no interest within the WG in pursuing this approach
- there is no perceived harm to existing OAuth work if this goes ahead

I'd appreciate any opinions.

Many thanks,
Adrian
-- 
Adrian Farrel (Independent Submissions Editor),
rfc-ise@rfc-editor.org

[1] https://datatracker.ietf.org/doc/draft-ideskog-assisted-token/
[2] https://www.rfc-editor.org/about/independent/

v2.23.0 | Report a Bug | By Email