[OAUTH-WG] draft-ietf-oauth-mtls-03 - auth to other endpoints?

Vladimir Dzhuvinov <vladimir@connect2id.com> Mon, 07 August 2017 15:17 UTC

To: oauth <oauth@ietf.org>
From: Vladimir Dzhuvinov <vladimir@connect2id.com>
Organization: Connect2id Ltd.
Message-ID: <eab137d4-e60a-e37c-f2f2-c33bb0887ece@connect2id.com>
Date: Mon, 07 Aug 2017 18:17:00 +0300
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/pEAAhznlXTGkbyIawKcDNuTlN9I>

I just noticed that the spec is very explicit on the MTLS auth method
being used for the token endpoint, but it could also work with other
endpoints, e.g. RFC 7009 (revocation), 7662 (introspection).

Were there any talks about that?

Vladimir