Re: [OAUTH-WG] OAuth and IoT

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Fri, 02 October 2015 20:42 UTC

To: Adam Lewis <adam.lewis@motorolasolutions.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/uAu-kYObdz_7UUPV8LXbcYFzWys>
Cc: OAuth WG <oauth@ietf.org>
Subject: Re: [OAUTH-WG] OAuth and IoT

No problem and I guess autocorrect had ideas of its own in my message.

s/suction/solution/

> On Oct 2, 2015, at 4:36 PM, Adam Lewis <adam.lewis@motorolasolutions.com> wrote:
> 
> Thank you Kathleen, exactly the type of pointers I was looking for.  Will head over there now :-)
> 
>> On Fri, Oct 2, 2015 at 3:35 PM, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> wrote:
>> Adam,
>> 
>> Are you following the ACE working group?  They are wrapping up their use case document and IETF last call should start next week.  OAuth is being considered and they will be busy with suction work soon for Authentication and authorization in Constrained Environments.
>> 
>> I'd suggest starting with a read of the use case draft.  The actors draft will follow through soon with a WGLC (I hope).  They should be discussing solutions in Yokohama.
>> 
>> Kathleen 
>> 
>>> On Oct 2, 2015, at 4:19 PM, Adam Lewis <adam.lewis@motorolasolutions.com> wrote:
>>> 
>>> And on that similar note, has there been any work done around having a single client id, and registering that client id with the AS, but tying the client id to a trust anchor instead of a single public key certificate, such that any client issued a certificate by the trusted CA could obtain an access token?  This would enable a single entry in the AS for each type of client.  
>>> 
>>>> On Fri, Oct 2, 2015 at 2:45 PM, Adam Lewis <adam.lewis@motorolasolutions.com> wrote:
>>>> Hi all,
>>>> 
>>>> Looking to find some pointers to effort around usage of OAuth and IoT.  Will embedded devices / appliances use the client credential grant type?  This would seem to be a natural choice, now does every device have a unique client id?  I am looking at use cases where we will have a large set of devices without a UI acting on their own behalf (not the users) and will need to obtain access tokens.  What are the best practices around this?  It seems impractical to add every one of these devices as a unique client to the OAuth server, but I'm unclear what the other options are given the current set of drafts. 
>>>> 
>>>> 
>>>> 
>>>> tx!
>>>> adam
>>> 