[OAUTH-WG] Last Call: <draft-ietf-oauth-device-flow-09.txt> (OAuth 2.0 Device Flow for Browserless and Input Constrained Devices) to Proposed Standard

The IESG <iesg-secretary@ietf.org> Tue, 29 May 2018 22:20 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: oauth@ietf.org
Delivered-To: oauth@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id E20E412FAC5; Tue, 29 May 2018 15:20:30 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: "IETF-Announce" <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.81.1
Auto-Submitted: auto-generated
Precedence: bulk
CC: ekr@rtfm.com, Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>, rifaat.ietf@gmail.com, draft-ietf-oauth-device-flow@ietf.org, oauth-chairs@ietf.org, oauth@ietf.org
Reply-To: ietf@ietf.org
Sender: <iesg-secretary@ietf.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <152763243091.27698.7723369435827878398.idtracker@ietfa.amsl.com>
Date: Tue, 29 May 2018 15:20:30 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/tNzG9M4CcVye4VmBHmvSC_YL-bY>
Subject: [OAUTH-WG] Last Call: <draft-ietf-oauth-device-flow-09.txt> (OAuth 2.0 Device Flow for Browserless and Input Constrained Devices) to Proposed Standard
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 May 2018 22:20:39 -0000

The IESG has received a request from the Web Authorization Protocol WG
(oauth) to consider the following document: - 'OAuth 2.0 Device Flow for
Browserless and Input Constrained Devices'
  <draft-ietf-oauth-device-flow-09.txt> as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2018-06-12. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the beginning of
the Subject line to allow automated sorting.

Abstract


   This OAuth 2.0 authorization flow for browserless and input
   constrained devices, often referred to as the device flow, enables
   OAuth clients to request user authorization from devices that have an
   Internet connection, but don't have an easy input method (such as a
   smart TV, media console, picture frame, or printer), or lack a
   suitable browser for a more traditional OAuth flow.  This
   authorization flow instructs the user to perform the authorization
   request on a secondary device, such as a smartphone.  There is no
   requirement for communication between the constrained device and the
   user's secondary device.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-oauth-device-flow/

IESG discussion can be tracked via
https://datatracker.ietf.org/doc/draft-ietf-oauth-device-flow/ballot/


No IPR declarations have been submitted directly on this I-D.


The document contains these normative downward references.
See RFC 3967 for additional information: 
    rfc6819: OAuth 2.0 Threat Model and Security Considerations (Informational - IETF stream)
    draft-recordon-oauth-v2-device: OAuth 2.0 Device Profile
 (None - )
    rfc6755: An IETF URN Sub-Namespace for OAuth (Informational - IETF stream)