Re: [OAUTH-WG] New Version Notification for draft-hunt-oauth-v2-user-a4c-05.txt

Bill Mills <wmills_92105@yahoo.com> Thu, 24 July 2014 18:17 UTC

From: Bill Mills <wmills_92105@yahoo.com>
To: Nat Sakimura <sakimura@gmail.com>, Phil Hunt <phil.hunt@oracle.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/tXY2EkzmNgyiqZw91vTgrtdhggw
Cc: "oauth@ietf.org list" <oauth@ietf.org>

Then why aren't people using this instead of (mis)using OAuth for this?

Different question, if we do define AC4 will people move to that, or continue doing the wrong thing anyway?


On Thursday, July 24, 2014 8:57 AM, Nat Sakimura <sakimura@gmail.com> wrote:

2014-07-24 10:30 GMT-04:00 Phil Hunt <phil.hunt@oracle.com>:

I’m not at all saying that OpenID is bad. If you want an IDP, it’s fine. But if all a client wants is authentication, they think why can’t I just use RFC6749?

If all one wants is to build a simple client, there is a standing document called OpenID Connect Basic Client Implementer's Guide 1.0.

It is a profile that deals only with the 'code' flow.
Size-wise, it is 32 pages. The breakdown is approximately as below:

Abstract, Intro, ToC - 2.5 pages
Terminology - 1.5 pages
Getting ID Token - 9 pages
ID Token Validation - 1 page (Seems missing from a4c draft?)
Userinfo Endpoint - 7 pages
Serializations - 1 page (missing in a4c?)
String Operations etc. - 1 page (missing in a4c?)
Considerations - 2 pages (very brief in a4c)
References, Acknowledgement - 2 pages
Document History etc. - 7 pages


The a4c draft is 14 pages long. It will be longer than this in the end as it is missing a bunch of things.
The comparable portion of the Basic Client Profile is 14 pages or so. 

Just one data point. 

-- 
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en