Re: [OAUTH-WG] OAuth 2.0 Protected Resource Metadata

Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> Mon, 30 January 2023 17:45 UTC

From: Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com>
Date: Mon, 30 Jan 2023 12:44:46 -0500
Message-ID: <CADNypP9y8xcFrc1-daR7oP+17csEkKpR+7icVb+BK9DhuFfLrw@mail.gmail.com>
To: Aaron Parecki <aaron=40parecki.com@dmarc.ietf.org>
Cc: OAuth WG <oauth@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/tH1l7zDSWE7eZQqXfpkOfOQgEB4>
Subject: Re: [OAUTH-WG] OAuth 2.0 Protected Resource Metadata

I added both to the list of topics to discuss in Yokohama.
Let's have that discussion first, before calling for any adoption.

Regards,
 Rifaat & Hannes


On Sat, Jan 28, 2023 at 8:35 PM Aaron Parecki <aaron=40parecki.com@dmarc.ietf.org> wrote:

> There is significant overlap between this draft and the concepts brought
> to the OAuth WG at the last IETF meeting by Ben Schwartz, which he also
> presented to the HTTPAPI WG. After that meeting, I volunteered to work with
> Ben on adapting his concepts to a model that would fit better within the
> OAuth framework. I published an early draft, which I am planning on
> presenting at the next IETF meeting.
> https://datatracker.ietf.org/doc/draft-parecki-oauth-authorization-server-discovery/
>
> During the HTTPAPI and OAuth sessions at IETF 115, there were many
> concerns expressed by various people in the groups about establishing and
> enabling this kind of relationship, which would also apply to this Resource
> Metadata draft. I believe there should be further discussions about the
> concepts described here as well as how best to enable other working groups
> to take advantage of this kind of relationship between an RS and AS before
> adopting this particular draft.
>
> Aaron
>
>
>
> On Sat, Jan 28, 2023 at 5:21 PM David Waite <david=40alkaline-solutions.com@dmarc.ietf.org> wrote:
>
>> I support adoption by the working group.
>>
>> -DW
>>
>> On Jan 24, 2023, at 2:38 AM, Giuseppe De Marco <demarcog83@gmail.com> wrote:
>>
>> Hello everybody,
>>
>> I would like to bring to your attention this expired draft:
>> https://datatracker.ietf.org/doc/draft-jones-oauth-resource-metadata/
>>
>> I propose to take up this individual draft for its adoption as an
>> official internet draft.
>> The reason I ask this is that there are implementations of this draft
>> born with the need to have metadata for entities of type RS.
>>
>> The implementation of which I am aware concerns the Italian "Attribute
>> Authorities" [0]. OpenID Federation draft also defines the metadata of the
>> oauth_resource type [1], taking up the elements defined in the draft in
>> question. Recently, an interesting reflection seems to have arisen also in
>> OpenID4VCI/OpenID4VP [2].
>>
>> Thank you for your attention, I hope to read your valuable feedback soon,
>> best
>>
>> [0] https://italia.github.io/spid-cie-oidc-docs/en/metadata_aa.html
>> [1] https://openid.net/specs/openid-connect-federation-1_0.html#section-4.7
>> [2] https://bitbucket.org/openid/connect/issues/1781/do-new-entity-types-required-for-oid4vp
>>
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>>