IETF Logo Mail Archive

[OAUTH-WG] Fwd: New Version Notification for draft-hunt-oauth-v2-user-a4c-00.txt

Phil Hunt <phil.hunt@oracle.com> Mon, 29 July 2013 08:15 UTC

Return-Path: <phil.hunt@oracle.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C58E721F9E6C for <oauth@ietfa.amsl.com>; Mon, 29 Jul 2013 01:15:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.073
X-Spam-Level:
X-Spam-Status: No, score=-5.073 tagged_above=-999 required=5 tests=[AWL=1.524, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zteELf4dP9y5 for <oauth@ietfa.amsl.com>; Mon, 29 Jul 2013 01:15:11 -0700 (PDT)
Received: from aserp1040.oracle.com (aserp1040.oracle.com [141.146.126.69]) by ietfa.amsl.com (Postfix) with ESMTP id E6D4221F8D96 for <oauth@ietf.org>; Mon, 29 Jul 2013 01:14:21 -0700 (PDT)
Received: from acsinet22.oracle.com (acsinet22.oracle.com [141.146.126.238]) by aserp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r6T8EKCx020879 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <oauth@ietf.org>; Mon, 29 Jul 2013 08:14:21 GMT
Received: from userz7022.oracle.com (userz7022.oracle.com [156.151.31.86]) by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r6T8EJlU028632 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <oauth@ietf.org>; Mon, 29 Jul 2013 08:14:20 GMT
Received: from abhmt107.oracle.com (abhmt107.oracle.com [141.146.116.59]) by userz7022.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r6T8EJpS027343 for <oauth@ietf.org>; Mon, 29 Jul 2013 08:14:19 GMT
Received: from dhcp-121b.meeting.ietf.org (/130.129.18.27) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 29 Jul 2013 01:14:19 -0700
From: Phil Hunt <phil.hunt@oracle.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_17FC0311-06B7-4AC6-9A06-4D2CC5C6D27A"
Date: Mon, 29 Jul 2013 10:14:16 +0200
References: <20130729074941.28839.7732.idtracker@ietfa.amsl.com>
To: "oauth@ietf.org WG" <oauth@ietf.org>
Message-Id: <E4ED649B-D9FE-4B38-B8B2-82A7FF600C07@oracle.com>
Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\))
X-Mailer: Apple Mail (2.1508)
X-Source-IP: acsinet22.oracle.com [141.146.126.238]
Subject: [OAUTH-WG] Fwd: New Version Notification for draft-hunt-oauth-v2-user-a4c-00.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Jul 2013 08:15:19 -0000

FYI.  I have been noticing a substantial number of sites acting as OAuth Clients using OAuth to authenticate users.

I know several of us have blogged on the issue over the past year so I won't re-hash it here.  In short, many of us recommended OIDC as the correct methodology.

Never-the-less, I've spoken with a number of service providers who indicate they are not ready to make the jump to OIDC, yet they agree there is a desire to support authentication only (where as OIDC does IDP-like services).

This draft is intended as a minimum authentication only specification.  I've tried to make it as compatible as possible with OIDC.

For now, I've just posted to keep track of the issue so we can address at the next re-chartering.

Happy to answer questions and discuss. 

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





Begin forwarded message:

> From: internet-drafts@ietf.org
> Subject: New Version Notification for draft-hunt-oauth-v2-user-a4c-00.txt
> Date: 29 July, 2013 9:49:41 AM GMT+02:00
> To: Phil Hunt <phil.hunt@yahoo.com>, Phil Hunt <None@ietfa.amsl.com>, Phil Hunt <>
> 
> 
> A new version of I-D, draft-hunt-oauth-v2-user-a4c-00.txt
> has been successfully submitted by Phil Hunt and posted to the
> IETF repository.
> 
> Filename:	 draft-hunt-oauth-v2-user-a4c
> Revision:	 00
> Title:		 OAuth 2.0 User Authentication For Client
> Creation date:	 2013-07-29
> Group:		 Individual Submission
> Number of pages: 9
> URL:             http://www.ietf.org/internet-drafts/draft-hunt-oauth-v2-user-a4c-00.txt
> Status:          http://datatracker.ietf.org/doc/draft-hunt-oauth-v2-user-a4c
> Htmlized:        http://tools.ietf.org/html/draft-hunt-oauth-v2-user-a4c-00
> 
> 
> Abstract:
>   This specification defines a new OAuth2 endpoint that enables user
>   authentication session information to be shared with client
>   applications.
> 
> 
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> The IETF Secretariat
>

v2.23.0 | Report a Bug | By Email