Re: [OAUTH-WG] Working Group Last Call on Dynamic Client Registration Documents

Phil Hunt <phil.hunt@oracle.com> Sun, 06 April 2014 17:48 UTC

To: Mike Jones <Michael.Jones@microsoft.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/pba1sd6aD1UvSj4P7RB5BlhRJvE
Cc: "oauth@ietf.org" <oauth@ietf.org>

So in other words, OpenID Connect defines (or should define) how this happens.

There is no need for the Dyn Reg spec to clarify this, right?

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com



On Apr 6, 2014, at 10:44 AM, Mike Jones <Michael.Jones@microsoft.com> wrote:

> As a point of clarity, OpenID Connect does not mandate support for dynamic registration in all cases.  In static profiles with a pre-established set of identity providers, it isn’t required.  It *is* required in the dynamic profile, in which clients can use identity providers that they have no pre-existing relationship with.
>  
>                                                             -- Mike
>  
> From: OAuth [mailto:oauth-bounces@ietf.org] On Behalf Of Torsten Lodderstedt
> Sent: Sunday, April 06, 2014 12:59 AM
> To: Bill Mills
> Cc: oauth@ietf.org
> Subject: Re: [OAUTH-WG] Working Group Last Call on Dynamic Client Registration Documents
>  
> I think it is at the discretion of the actual deployment whether clients may dynamically register or not (meaning they need to go through some oob mechanism). Protocols utilizing OAuth could make it part of their mandatory-to-implement features - in the same way OIDC does.
>  
> Best regards,
> Torsten.
> On 06.04.2014 at 07:12, Bill Mills <wmills_92105@yahoo.com> wrote:
> 
> To me the fundamental question of whether a client has to be registered in each place it is used is quite significant.  We don't address the problem and have not discussed it enough.
>  
> -bill
> On Friday, April 4, 2014 11:39 PM, Torsten Lodderstedt <torsten@lodderstedt.net> wrote:
> Hi Bill,
>  
> which scalability problem are you referring to? As far as I remember there were issues around the management API but not the core protocol.
>  
> regards,
> Torsten.
> 
> On 04.04.2014 at 18:41, Bill Mills <wmills_92105@yahoo.com> wrote:
> 
> Given the fundamental scalability problem we discussed in London do we really feel we're ready?
> On Friday, April 4, 2014 3:07 AM, Hannes Tschofenig <hannes.tschofenig@gmx.net> wrote:
> Hi all,
> 
> This is a Last Call for comments on the dynamic client registration
> documents:
> 
> * OAuth 2.0 Dynamic Client Registration Core Protocol
> http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-16
> 
> * OAuth 2.0 Dynamic Client Registration Metadata
> http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-metadata-00
> 
> Since we have to do the last call for these two documents together we
> are setting the call for **3 weeks**.
> 
> Please have your comments in no later than April 25th.
> 
> Ciao
> Hannes & Derek
> 
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth