Re: [OAUTH-WG] Dynamic Client Registration

Eve Maler <eve@xmlgrrl.com> Sat, 14 April 2012 01:30 UTC

Return-Path: <eve@xmlgrrl.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B723421F8533 for <oauth@ietfa.amsl.com>; Fri, 13 Apr 2012 18:30:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.293
X-Spam-Level:
X-Spam-Status: No, score=-1.293 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FROM_DOMAIN_NOVOWEL=0.5, SARE_URI_CONS7=0.306, URI_NOVOWEL=0.5]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PUW3+2u12O97 for <oauth@ietfa.amsl.com>; Fri, 13 Apr 2012 18:30:03 -0700 (PDT)
Received: from promanage-inc.com (eliasisrael.com [50.47.36.5]) by ietfa.amsl.com (Postfix) with ESMTP id 85B3821F8526 for <oauth@ietf.org>; Fri, 13 Apr 2012 18:29:30 -0700 (PDT)
Received: from [192.168.168.185] ([192.168.168.185]) (authenticated bits=0) by promanage-inc.com (8.14.4/8.14.4) with ESMTP id q3E1TQHx022801 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Fri, 13 Apr 2012 18:29:27 -0700
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: text/plain; charset=us-ascii
From: Eve Maler <eve@xmlgrrl.com>
In-Reply-To: <5F51A14F-D548-4D29-B20F-5C3DCB3CB705@gmx.net>
Date: Fri, 13 Apr 2012 18:29:26 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <3E72A308-75EE-4F5C-96CC-A51F0B81106A@xmlgrrl.com>
References: <5F51A14F-D548-4D29-B20F-5C3DCB3CB705@gmx.net>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>
X-Mailer: Apple Mail (2.1257)
Cc: "oauth@ietf.org WG" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Dynamic Client Registration
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Apr 2012 01:30:03 -0000

Hi Hannes-- That's kind of a cool idea. You're right that it's a "client account" of sorts. At least worth exploring, I'd say, unless a SCIM expert pipes up with a reason why not.

	Eve

On 13 Apr 2012, at 7:36 AM, Hannes Tschofenig wrote:

> Hi all, 
> 
> at the IETF#83 OAuth working group meeting we had some confusion about the Dynamic Client Registration and the Simple Web Discovery item. I just listened to the audio recording again. 
> 
> With the ongoing mailing list discussion regarding WebFinger vs. Simple Web Discovery I hope that folks had a chance to look at the documents again and so the confusion of some got resolved.  
> 
> I believe the proposed new charter item is sufficiently clear with regard to the scope of the work. Right? 
> Here is the item again:
> "
> Jul. 2013  Submit 'OAuth Dynamic Client Registration Protocol' to the IESG for consideration as a Proposed Standard
> 
> [Starting point for the work will be 
> http://tools.ietf.org/html/draft-hardjono-oauth-dynreg
> ] 
> "
> 
> Of course there there is a relationship between Simple Web Discovery (or WebFinger) and the dynamic client registration since the client first needs to discover the client registration endpoint at the authorization server before interacting with it. 
> 
> Now, one thing that just came to my mind when looking again at draft-hardjono-oauth-dynreq was the following: Could the Client Registration Request and Response protocol exchange could become a profile of the SCIM protocol? In some sense this exchange is nothing else than provisioning an account at the Authorization Server (along with some meta-data).
> 
> Is this too far fetched? 
> 
> Ciao
> Hannes
> 
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth


Eve Maler                                  http://www.xmlgrrl.com/blog
+1 425 345 6756                         http://www.twitter.com/xmlgrrl