[OAUTH-WG] November Interim meeting on WebID/IsLoggedIn followup

Vittorio Bertocci <vittorio.bertocci@auth0.com> Fri, 22 January 2021 19:30 UTC

Return-Path: <vittorio.bertocci@auth0.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 05CB53A146E for <oauth@ietfa.amsl.com>; Fri, 22 Jan 2021 11:30:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=auth0.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MzH0kS5LtbLV for <oauth@ietfa.amsl.com>; Fri, 22 Jan 2021 11:30:10 -0800 (PST)
Received: from mail-pf1-x42b.google.com (mail-pf1-x42b.google.com [IPv6:2607:f8b0:4864:20::42b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 450C53A1474 for <oauth@ietf.org>; Fri, 22 Jan 2021 11:30:10 -0800 (PST)
Received: by mail-pf1-x42b.google.com with SMTP id i63so4481687pfg.7 for <oauth@ietf.org>; Fri, 22 Jan 2021 11:30:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=auth0.com; s=google; h=from:to:subject:thread-topic:thread-index:date:message-id :accept-language:content-language:mime-version; bh=0igwdTzrkOPafbRghdRXeGx8JVagE/7J1dpXj6B36BA=; b=GiXr/B/mEfAng2W8H3mjqBEn0VNM3C92ZGor+7Un4udcx31NyLNRnQn4it4+4cRY5C u8FcNdsasDWv+8zmlfScUZHCpacLB0Q8zp8PQYNV7wJG+dZWfF7y3HxDWCQ4OvnwRuYY yeBMHR37VhD+unBe3AfqFyiTiNVs7JHrqtY1I+s/5s56ZDMK4rfDp81gRmpnthKM6HU7 uhzereyO8ZgkymDumBzCcq1UTyOvGuqXtb05YGSAANIckEgnAJV2MdTGqUlMSo7iS64S d3US7sk1DyTcGx2MCORTARuC6NpBHhOa5cvYowMu1PrPV1l+nAVm0P22cN59T3vBrau8 8ntg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:thread-topic:thread-index:date :message-id:accept-language:content-language:mime-version; bh=0igwdTzrkOPafbRghdRXeGx8JVagE/7J1dpXj6B36BA=; b=uRFOwnSq0vOksHeI7VWme7LC2+mD4YKpNQtiUtp+aCOR79rWzNRzHMa8QSB++NgL0X vdjizc6wsxGvm+oWVIjF4v2QF1eUolOTFyBMBdNMMHporse+Gi8eK2S/1JwnGbzCqKx5 kxcP0l3/DthG7AwbePW0AlfkSCNeU6x4a1ozQCgC9V3X90/VjFnYRC0NV1qJIUFDnFrf mMdQadaoXhRqmItuqW6MVnFWl1O3lWhzT949LRDHjyEw/WCoaALn5LRNJ8YB1+CgJsKt xVf6fOjL5GNr4fG5vJaSdNI1dALgOVxJIqhqfQWq+hrRxt59ucpDBzDs22yIBg8JCWer gWeA==
X-Gm-Message-State: AOAM530ZWpziGimU2MU6sKvGjvxjScPmIZ3d5nU+jI4+ZYC+GjrVfk8I BOk1z3zDk0Y5Njtnq285yMdlSD+0eb3NfmWcWAKRTZfb/V5i1fnTUVO2YR37sWBGmN98UhsL693 jX4dE2Krj9KynwmpxuMcU23pJYpMpWSyvuhwRBRQB8ciwC/I5DGGF4IovK/0bfXEFwZJ0
X-Google-Smtp-Source: ABdhPJxVsk4fZ7gMTCxtSizhRA0WBbj/OLrmNUAvQPvPfArM5wSbsVu1P+eTAuyBiE8x44K03Og7cg==
X-Received: by 2002:a63:d04a:: with SMTP id s10mr1393384pgi.32.1611343808948; Fri, 22 Jan 2021 11:30:08 -0800 (PST)
Received: from CO6PR18MB4052.namprd18.prod.outlook.com ([2603:1036:301:402a::5]) by smtp.gmail.com with ESMTPSA id z3sm9244591pfb.157.2021.01.22.11.30.07 for <oauth@ietf.org> (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 22 Jan 2021 11:30:07 -0800 (PST)
From: Vittorio Bertocci <vittorio.bertocci@auth0.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: November Interim meeting on WebID/IsLoggedIn followup
Thread-Index: AQHW8PT97IEIO3/gCU6wmDE9jW6LAA==
X-MS-Exchange-MessageSentRepresentingType: 1
Date: Fri, 22 Jan 2021 19:30:06 +0000
Message-ID: <CO6PR18MB40521AEB923752B77E749A6EAEA09@CO6PR18MB4052.namprd18.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-Exchange-Organization-SCL: -1
X-MS-TNEF-Correlator:
X-MS-Exchange-Organization-RecordReviewCfmType: 0
Content-Type: multipart/alternative; boundary="_000_CO6PR18MB40521AEB923752B77E749A6EAEA09CO6PR18MB4052namp_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/YN5B71iy0mWzEyYu_oBMKAeZOVM>
Subject: [OAUTH-WG] November Interim meeting on WebID/IsLoggedIn followup
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jan 2021 19:30:12 -0000

Dear all,
This is a followup on the actions we agreed upon during the November interim meeting in November (notes in https://datatracker.ietf.org/meeting/interim-2020-oauth-12/materials/minutes-interim-2020-oauth-12-202011021200-00). Apologies for the delay.
The TL;DR is that we decided it might be useful to put together a document that describes the identity scenarios relying on current browser features and that we’d like to preserve.
Such document should help grounding discussions with browser vendors by making it easy to pinpoint how specific changes might impair functionality in important scenarios, and what functionality we are trying to preserve (in case the new browser feature can offer alternate path to the same outcomes).

Tackling on all the possible scenarios is too big a task for George and myself alone, hence we devised a proposed mechanism to generate and maintain that list collaboratively.
You can find a framing proposal in https://datatracker.ietf.org/doc/html/draft-bertocci-identity-in-browser-00, and the github repo workspace https://github.com/IDBrowserUseCases/docs. Thanks to Daniel and Torsten for their help on figuring out how to use mmark to write internet drafts.

We do have a list of candidate scenarios, but before going too deep in it we wanted to give the group the chance to take a look at the model and get your feedback before we charge down that path. This is a pretty unusual collaboration model and getting it to work might be tricky.
Please let us know what you think!

Cheers
G&V