[OAUTH-WG] DNS Handles Whitepaper

Phillip Hallam-Baker <phill@hallambaker.com> Wed, 22 January 2025 20:57 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/tamFWppv6qwqVW_CbNxJrQI2sm0>

A draft to put the ideas together:

https://www.ietf.org/archive/id/draft-hallambaker-any-00.html

I am working on a second document describing the @nywhere profile of OAuth
as it currently stands. While this meets the (current) needs of BlueSky, it
does not currently meet the needs of the ubiquitous authentication,
communication and device configuration scheme I am building.

I have ideas for how to modify the spec to get to where I think it should
go. In particular, there needs to be a mechanism that allows the user to
take full control of their DID and delegate the ability to sign posts under
it rather than the root of trust being a private key controlled by the
social media provider.

So no, this is not finished as a standards proposal but the amount of work
required may not be limited to defining a profile.