Re: [OAUTH-WG] OAuth and IoT

Adam Lewis <adam.lewis@motorolasolutions.com> Fri, 02 October 2015 20:19 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/ozRRFXOzYoDIcAR5ZoPRSIptt1M>

And on that similar note, has there been any work done around having a
single client id, and registering that client id with the AS, but tying the
client id to a trust anchor instead of a single public key certificate,
such that any client issued a certificate by the trusted CA could obtain an
access token?  This would enable a single entry in the AS for each type of
client.

On Fri, Oct 2, 2015 at 2:45 PM, Adam Lewis <adam.lewis@motorolasolutions.com> wrote:

> Hi all,
>
> Looking to find some pointers to effort around usage of OAuth and IoT.
> Will embedded devices / appliances use the client credential grant type?
> This would seem to be a natural choice, now does every device have a unique
> client id?  I am looking at use cases where we will have a large set of
> devices without a UI acting on their own behalf (not the users) and will
> need to obtain access tokens.  What are the best practices around this?  It
> seems impractical to add every one of these devices as a unique client to
> the OAuth server, but I'm unclear what the other options are given the
> current set of drafts.
>
>
>
> tx!
> adam
>