Re: [OAUTH-WG] resource server id needed?
Brian Eaton <beaton@google.com> Fri, 16 July 2010 16:35 UTC
Return-Path: <beaton@google.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D2C3D3A69C8 for <oauth@core3.amsl.com>; Fri, 16 Jul 2010 09:35:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.905
X-Spam-Level:
X-Spam-Status: No, score=-101.905 tagged_above=-999 required=5 tests=[AWL=0.072, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0V1Hq8djir3T for <oauth@core3.amsl.com>; Fri, 16 Jul 2010 09:35:38 -0700 (PDT)
Received: from smtp-out.google.com (smtp-out.google.com [74.125.121.35]) by core3.amsl.com (Postfix) with ESMTP id B84CD3A67F3 for <oauth@ietf.org>; Fri, 16 Jul 2010 09:35:37 -0700 (PDT)
Received: from hpaq6.eem.corp.google.com (hpaq6.eem.corp.google.com [172.25.149.6]) by smtp-out.google.com with ESMTP id o6GGZmeH008713 for <oauth@ietf.org>; Fri, 16 Jul 2010 09:35:48 -0700
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=google.com; s=beta; t=1279298148; bh=Epg/Io5CuR5BKqbbweI3BBiopGE=; h=MIME-Version:In-Reply-To:References:Date:Message-ID:Subject:From: To:Cc:Content-Type; b=JMvSgIcprLczHYoiBnecOJkNlHqYfRlPO3j1jaU2hSNud3CFwjNW/gnEVg/asRapC nXukF8sB8drUCw1w6hPMQ==
DomainKey-Signature: a=rsa-sha1; s=beta; d=google.com; c=nofws; q=dns; h=mime-version:in-reply-to:references:date:message-id:subject:from:to: cc:content-type:x-system-of-record; b=esKxrAKTZ5oTRpub4vEMditvXwGAKGwwhCRv17Jk+lU6T83yyE+4cYt8BUajFY6kG Iurn70pG2I0igGPcU/n9g==
Received: from pva4 (pva4.prod.google.com [10.241.209.4]) by hpaq6.eem.corp.google.com with ESMTP id o6GGZlPR032133 for <oauth@ietf.org>; Fri, 16 Jul 2010 09:35:47 -0700
Received: by pva4 with SMTP id 4so923597pva.16 for <oauth@ietf.org>; Fri, 16 Jul 2010 09:35:46 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.142.211.6 with SMTP id j6mr1774905wfg.166.1279298142251; Fri, 16 Jul 2010 09:35:42 -0700 (PDT)
Received: by 10.142.193.19 with HTTP; Fri, 16 Jul 2010 09:35:41 -0700 (PDT)
In-Reply-To: <6B1F8C6947A5DC48B613C46E7B420A3A074C1804@S4DE9JSAACX.ost.t-com.de>
References: <C8645B85.372D8%eran@hueniverse.com> <4C3F3F6A.5000409@lodderstedt.net> <AANLkTinIjg7MIBmEIUzV9_Uo3MDb0nXvYXJcXNeLTUCe@mail.gmail.com> <4C3F9064.6060604@lodderstedt.net> <6B1F8C6947A5DC48B613C46E7B420A3A074C1804@S4DE9JSAACX.ost.t-com.de>
Date: Fri, 16 Jul 2010 09:35:41 -0700
Message-ID: <AANLkTimXxuZaNg9S6Q0-qn7Zqf6-W4Uy2QhkiYaYENKu@mail.gmail.com>
From: Brian Eaton <beaton@google.com>
To: Wolfgang.Steigerwald@telekom.de
Content-Type: text/plain; charset="ISO-8859-1"
X-System-Of-Record: true
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] resource server id needed?
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Jul 2010 16:35:39 -0000
On Fri, Jul 16, 2010 at 4:47 AM, <Wolfgang.Steigerwald@telekom.de> wrote: > +1 to Thorstens statement. There are use cases beyond local deployments. Definitely. For example, I'm interested in deployments where neither clients nor resource servers need secret keys. This makes adding new clients and resource servers trivial. The challenge here is that even though lots of people are interested in various semantics for "scope", and various types of relations between clients, resource servers, and authorization servers, not everyone has the same use cases and requirements.
- [OAUTH-WG] resource server id needed? Torsten Lodderstedt
- Re: [OAUTH-WG] resource server id needed? Marius Scurtescu
- Re: [OAUTH-WG] resource server id needed? Eran Hammer-Lahav
- Re: [OAUTH-WG] resource server id needed? Torsten Lodderstedt
- Re: [OAUTH-WG] resource server id needed? Ivan Pulleyn
- Re: [OAUTH-WG] resource server id needed? Luke Shepard
- Re: [OAUTH-WG] resource server id needed? William Mills
- Re: [OAUTH-WG] resource server id needed? William Mills
- Re: [OAUTH-WG] resource server id needed? Torsten Lodderstedt
- Re: [OAUTH-WG] resource server id needed? Eran Hammer-Lahav
- Re: [OAUTH-WG] resource server id needed? Torsten Lodderstedt
- Re: [OAUTH-WG] resource server id needed? Ivan Pulleyn
- Re: [OAUTH-WG] resource server id needed? Marius Scurtescu
- Re: [OAUTH-WG] resource server id needed? Torsten Lodderstedt
- Re: [OAUTH-WG] resource server id needed? Wolfgang.Steigerwald
- Re: [OAUTH-WG] resource server id needed? Brian Eaton
- Re: [OAUTH-WG] resource server id needed? Torsten Lodderstedt
- Re: [OAUTH-WG] resource server id needed? Brian Eaton
- Re: [OAUTH-WG] resource server id needed? Torsten Lodderstedt
- Re: [OAUTH-WG] resource server id needed? Torsten Lodderstedt
- Re: [OAUTH-WG] resource server id needed? David Recordon
- Re: [OAUTH-WG] resource server id needed? Andrew Arnott
- Re: [OAUTH-WG] resource server id needed? Torsten Lodderstedt
- Re: [OAUTH-WG] resource server id needed? Eve Maler
- Re: [OAUTH-WG] resource server id needed? Torsten Lodderstedt
- Re: [OAUTH-WG] resource server id needed? Eve Maler
- Re: [OAUTH-WG] resource server id needed? Torsten Lodderstedt
- Re: [OAUTH-WG] resource server id needed? Eve Maler