Re: [OAUTH-WG] Working Group Last Call on Dynamic Client Registration Documents

Torsten Lodderstedt <torsten@lodderstedt.net> Sun, 06 April 2014 07:59 UTC

Return-Path: <torsten@lodderstedt.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 532401A0331 for <oauth@ietfa.amsl.com>; Sun, 6 Apr 2014 00:59:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.55
X-Spam-Level:
X-Spam-Status: No, score=-1.55 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HodUGbmdBol4 for <oauth@ietfa.amsl.com>; Sun, 6 Apr 2014 00:59:15 -0700 (PDT)
Received: from smtprelay05.ispgateway.de (smtprelay05.ispgateway.de [80.67.31.98]) by ietfa.amsl.com (Postfix) with ESMTP id 271421A030F for <oauth@ietf.org>; Sun, 6 Apr 2014 00:59:14 -0700 (PDT)
Received: from [79.253.60.18] (helo=[192.168.71.82]) by smtprelay05.ispgateway.de with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.68) (envelope-from <torsten@lodderstedt.net>) id 1WWhyt-0002aB-M0; Sun, 06 Apr 2014 09:59:07 +0200
References: <533E77C3.9000509@gmx.net> <1396629672.75505.YahooMailNeo@web142804.mail.bf1.yahoo.com> <495B4720-34D6-4588-9E63-A8F501D39177@lodderstedt.net> <1396761153.23438.YahooMailNeo@web142805.mail.bf1.yahoo.com>
Mime-Version: 1.0 (1.0)
In-Reply-To: <1396761153.23438.YahooMailNeo@web142805.mail.bf1.yahoo.com>
Content-Type: multipart/alternative; boundary=Apple-Mail-B42AA229-B38D-4FCD-9235-6D568132F91B
Content-Transfer-Encoding: 7bit
Message-Id: <D8D86C7B-9DC6-44CE-A7E4-903313571A31@lodderstedt.net>
X-Mailer: iPad Mail (11D167)
From: Torsten Lodderstedt <torsten@lodderstedt.net>
Date: Sun, 6 Apr 2014 09:59:07 +0200
To: Bill Mills <wmills_92105@yahoo.com>
X-Df-Sender: dG9yc3RlbkBsb2RkZXJzdGVkdC5uZXQ=
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/x0OWGWsCh4qtIGureO86i100jao
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Working Group Last Call on Dynamic Client Registration Documents
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 06 Apr 2014 07:59:19 -0000

I think it is at the discretion of the actual deployment whether clients may dynamically register or not (meaning they need to go through some oob mechanism). Protocols utilizing OAuth could make it part of their mandatory to implement features - in the same way OIDC does.

Best regards,
Torsten.
> Am 06.04.2014 um 07:12 schrieb Bill Mills <wmills_92105@yahoo.com>om>:
> 
> To me the fundamental question of whether a client has to be registered in each place it is used is quite significant.  We don't address the problem and have not discussed it enough.
> 
> -bill
> On Friday, April 4, 2014 11:39 PM, Torsten Lodderstedt <torsten@lodderstedt.net> wrote:
> Hi Bill,
> 
> which scalability problem are you referring to? As far as I remember there were issues around the management API but not the core protocol.
> 
> regards,
> Torsten.
> 
>> Am 04.04.2014 um 18:41 schrieb Bill Mills <wmills_92105@yahoo.com>om>:
>> 
> 
>> Given the fundamental scalability problem we discussed in London do we really feel we're ready?
>> On Friday, April 4, 2014 3:07 AM, Hannes Tschofenig <hannes.tschofenig@gmx.net> wrote:
>> Hi all,
>> 
>> This is a Last Call for comments on the dynamic client registration
>> documents:
>> 
>> * OAuth 2.0 Dynamic Client Registration Core Protocol
>> http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-16
>> 
>> * OAuth 2.0 Dynamic Client Registration Metadata
>> http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-metadata-00
>> 
>> Since we have to do the last call for these two documents together we
>> are setting the call for **3 weeks**.
>> 
>> Please have your comments in no later than April 25th.
>> 
>> Ciao
>> Hannes & Derek
>> 
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>> 
>> 
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
> 
>