Re: [OAUTH-WG] Rechartering

Eve Maler <eve@xmlgrrl.com> Wed, 15 September 2010 01:29 UTC

Return-Path: <eve@xmlgrrl.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ACA963A6B5C for <oauth@core3.amsl.com>; Tue, 14 Sep 2010 18:29:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.459
X-Spam-Level:
X-Spam-Status: No, score=0.459 tagged_above=-999 required=5 tests=[AWL=-1.263, BAYES_40=-0.185, FROM_DOMAIN_NOVOWEL=0.5, HTML_MESSAGE=0.001, J_CHICKENPOX_36=0.6, SARE_URI_CONS7=0.306, URI_NOVOWEL=0.5]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9niJhW-9ltZO for <oauth@core3.amsl.com>; Tue, 14 Sep 2010 18:29:11 -0700 (PDT)
Received: from mail.promanage-inc.com (eliasisrael.com [98.111.84.13]) by core3.amsl.com (Postfix) with ESMTP id 1A2083A6811 for <oauth@ietf.org>; Tue, 14 Sep 2010 18:29:10 -0700 (PDT)
Received: from [192.168.168.198] ([192.168.168.198]) (authenticated bits=0) by mail.promanage-inc.com (8.14.4/8.14.3) with ESMTP id o8F1TYQc023313 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Tue, 14 Sep 2010 18:29:34 -0700
Mime-Version: 1.0 (Apple Message framework v1081)
Content-Type: multipart/alternative; boundary=Apple-Mail-239--883187381
From: Eve Maler <eve@xmlgrrl.com>
In-Reply-To: <AANLkTim9zFuG_ob=mvqrXuqtU5ZGNSf8Grqh6QZW9nJa@mail.gmail.com>
Date: Tue, 14 Sep 2010 18:29:34 -0700
Message-Id: <7CE885B6-20BE-4A22-81EE-4656CA2BEEA7@xmlgrrl.com>
References: <4C8C17F9.9050908@gmx.net> <4C8C1BA1.1020902@gmx.net> <AANLkTi=B2jxcT1hFRhZ7NoPxQJHLw7=Ak7wuMgMvOOxe@mail.gmail.com> <AANLkTim9zFuG_ob=mvqrXuqtU5ZGNSf8Grqh6QZW9nJa@mail.gmail.com>
To: OAuth WG <oauth@ietf.org>
X-Mailer: Apple Mail (2.1081)
Subject: Re: [OAUTH-WG] Rechartering
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Sep 2010 01:29:12 -0000

Dynamic authz server discovery and client registration would be needed in OAuth-based identity management.  But I would submit that they're needed even apart from it (since I've got that need), and so should be specified modularly, with the identity management piece pointing to it (if it wants to).

I've gotten strong interest in taking forward the dynamic client reg I-D as a work item from my co-authors and also some others who need to solve for native-app flows. So we (with Maciej Machulak as ringleader) can speak up for discovery/registration if that suits the group. (I'm not sure if discovery should be a separate module; I'm inclined to think it should be all together.)

	Eve

On 13 Sep 2010, at 7:31 AM, Christian Scholz wrote:

> Hi!
> 
> 2010/9/12 David Recordon <recordond@gmail.com>
> I'd like to see us finish Core before considering re-chartering. :)
> 
> But to your original question. I'm interested in the UX extension (said I'd edit), device flow (said I'd edit), and the OpenID Connect work which encompasses dynamic registration and likely artifact binding (also editing but outside of the IETF).
> 
> As we submitted the draft about dynamic registration I am wondering if we can somehow join our two. Is http://openidconnect.com/ still recent? 
> We (coming from UMA) had some additional requirements like also sending some metadata information from the client to the server (as you'd normally do with manual registration). We also would probably prefer having a separate spec we can point to for registration (probably the same for discovery).
> 
> best regards,
> 
> Christian
> 
> -- 
> Christian Scholz, COM.lounge GmbH, tel. +49 241 400 730 0, http://comlounge.net
> Blog: http://mrtopf.de/blog, Twitter: http://twitter.com/mrtopf
> 
> Podcasts:
> Der OpenWeb-Podcast (http://openwebpodcast.de)
> Data Without Borders (http://datawithoutborders.net)
> Politisches: http://politfunk.de/
> 
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth


Eve Maler                                  http://www.xmlgrrl.com/blog
+1 425 345 6756                         http://www.twitter.com/xmlgrrl