Re: [OAUTH-WG] OAuth WG Re-Chartering

"Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com> Thu, 15 March 2012 11:46 UTC

Return-Path: <hannes.tschofenig@nsn.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B736C21F86A8 for <oauth@ietfa.amsl.com>; Thu, 15 Mar 2012 04:46:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.419
X-Spam-Level:
X-Spam-Status: No, score=-106.419 tagged_above=-999 required=5 tests=[AWL=0.180, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YbkQzCAkSRUE for <oauth@ietfa.amsl.com>; Thu, 15 Mar 2012 04:46:42 -0700 (PDT)
Received: from demumfd002.nsn-inter.net (demumfd002.nsn-inter.net [93.183.12.31]) by ietfa.amsl.com (Postfix) with ESMTP id E27C721F867F for <oauth@ietf.org>; Thu, 15 Mar 2012 04:46:41 -0700 (PDT)
Received: from demuprx016.emea.nsn-intra.net ([10.150.129.55]) by demumfd002.nsn-inter.net (8.12.11.20060308/8.12.11) with ESMTP id q2FBkcKU018726 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 15 Mar 2012 12:46:38 +0100
Received: from demuexc022.nsn-intra.net (demuexc022.nsn-intra.net [10.150.128.35]) by demuprx016.emea.nsn-intra.net (8.12.11.20060308/8.12.11) with ESMTP id q2FBkXRd014566; Thu, 15 Mar 2012 12:46:38 +0100
Received: from FIESEXC035.nsn-intra.net ([10.159.0.25]) by demuexc022.nsn-intra.net with Microsoft SMTPSVC(6.0.3790.4675); Thu, 15 Mar 2012 12:46:36 +0100
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Date: Thu, 15 Mar 2012 13:46:34 +0200
Message-ID: <999913AB42CC9341B05A99BBF358718D01382ADC@FIESEXC035.nsn-intra.net>
In-Reply-To: <CAAz=scnGaFzNNHv1xEQa0hCiA2gup_J_86HyzCnd7P0YTqfFxw@mail.gmail.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [OAUTH-WG] OAuth WG Re-Chartering
Thread-Index: Ac0CnzJzNsQfN7a4RL6KgAEUAk1PowAAfdrQ
References: <B327D847-B059-41D7-A468-8B8A5DB8BFCE@gmx.net> <CAAz=scnGaFzNNHv1xEQa0hCiA2gup_J_86HyzCnd7P0YTqfFxw@mail.gmail.com>
From: "Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com>
To: ext Blaine Cook <romeda@gmail.com>, Hannes Tschofenig <hannes.tschofenig@gmx.net>
X-OriginalArrivalTime: 15 Mar 2012 11:46:36.0864 (UTC) FILETIME=[470D0C00:01CD02A1]
X-purgate-type: clean
X-purgate-Ad: Categorized by eleven eXpurgate (R) http://www.eleven.de
X-purgate: clean
X-purgate: This mail is considered clean (visit http://www.eleven.de for further information)
X-purgate-size: 3158
X-purgate-ID: 151667::1331811998-000033AC-8D5E4CB7/0-0/0-0
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] OAuth WG Re-Chartering
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2012 11:46:42 -0000

Hi Blaine, 

These are indeed good requirements you stated below. 

When you look at the list of topics do you think that the proposed items indeed fulfill them? 

Ciao
Hannes


> -----Original Message-----
> From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf
> Of ext Blaine Cook
> Sent: Thursday, March 15, 2012 1:31 PM
> To: Hannes Tschofenig
> Cc: oauth@ietf.org WG
> Subject: Re: [OAUTH-WG] OAuth WG Re-Chartering
> 
> On 14 March 2012 20:21, Hannes Tschofenig <hannes.tschofenig@gmx.net>
> wrote:
> > So, here is a proposal:
> >
> > [Editor's Note: New work for the group. 5 items maximum! ]
> >
> > Aug. 2012    Submit 'Token Revocation' to the IESG for consideration
> as a Proposed Standard
> > Nov. 2012    Submit 'JSON Web Token (JWT)' to the IESG for
> consideration as a Proposed Standard
> > Nov. 2012    Submit 'JSON Web Token (JWT) Bearer Token Profiles for
> OAuth 2.0' to the IESG for consideration
> > Jan. 2013    Submit 'OAuth Dynamic Client Registration Protocol' to
> the IESG for consideration as a Proposed Standard
> > Sep. 2012    Submit 'OAuth Use Cases' to the IESG for consideration
> as an Informational RFC
> 
> This looks great to me.
> 
> I have serious concerns about feature-creep, and think that the OAuth
> WG should strongly limit its purview to these issues. In general, I
> think it prudent for this working group in particular to consider
> standardisation of work only under the following criteria:
> 
> 1. Proposals must have a direct relationship to the mechanism of OAuth
> (and not, specifically, bound to an application-level protocol).
> 2. Proposals must have significant adoption in both enterprise and
> startup environments.
> 3. Any proposal must be driven based on a consideration of the
> different approaches, as adopted in the wild, and strive to be a
> better synthesis of those approaches, not a means to an end.
> 
> These are the constraints with which I started the OAuth project, and
> they're more relevant than ever. I'd hate to see OAuth fail in the end
> because of a WS-*-like death by standards-pile-on.
> 
> b.
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth