IETF Logo Mail Archive

Re: [OAUTH-WG] AD review of draft-ietf-oauth-urn-sub-ns-02

Hannes Tschofenig <hannes.tschofenig@gmx.net> Sat, 23 June 2012 12:31 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 45EEC21F8437 for <oauth@ietfa.amsl.com>; Sat, 23 Jun 2012 05:31:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.509
X-Spam-Level:
X-Spam-Status: No, score=-102.509 tagged_above=-999 required=5 tests=[AWL=0.090, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NdEun1CZDyfz for <oauth@ietfa.amsl.com>; Sat, 23 Jun 2012 05:31:50 -0700 (PDT)
Received: from mailout-de.gmx.net (mailout-de.gmx.net [213.165.64.22]) by ietfa.amsl.com (Postfix) with SMTP id 3D50121F8435 for <oauth@ietf.org>; Sat, 23 Jun 2012 05:31:49 -0700 (PDT)
Received: (qmail invoked by alias); 23 Jun 2012 12:31:47 -0000
Received: from a88-115-216-191.elisa-laajakaista.fi (EHLO [192.168.100.109]) [88.115.216.191] by mail.gmx.net (mp034) with SMTP; 23 Jun 2012 14:31:47 +0200
X-Authenticated: #29516787
X-Provags-ID: V01U2FsdGVkX1/fOiZx7iLfylfqkzpi8Mc3LNFxz/BTYcIvp2EQNO ckFPDEcA0aeHDM
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset="us-ascii"
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
In-Reply-To: <4E1F6AAD24975D4BA5B16804296739436656365A@TK5EX14MBXC283.redmond.corp.microsoft.com>
Date: Sat, 23 Jun 2012 15:31:45 +0300
Content-Transfer-Encoding: quoted-printable
Message-Id: <B14B7AFA-C6A7-49EE-BC36-BDA8B0FE8814@gmx.net>
References: <4FE1C16D.6010602@cs.tcd.ie> <F606CA9D-9DB6-460E-BE7A-BC989A4AB25F@gmx.net> <CAC4RtVCrQ9yG6V_XwczXo_FvCkyCXJDfmrb-p0UX3KRW7Edx9A@mail.gmail.com> <4CD0B85C-C88D-4B52-81E4-5D53A25E60EF@cs.tcd.ie>, <CAC4RtVBEjDeoJzbxGwkTHsk2REv8+6GELywR7Sv-dsRm8LGw2A@mail.gmail.com> <4E1F6AAD24975D4BA5B16804296739436656365A@TK5EX14MBXC283.redmond.corp.microsoft.com>
To: Mike Jones <Michael.Jones@microsoft.com>
X-Mailer: Apple Mail (2.1084)
X-Y-GMX-Trusted: 0
Cc: "oauth@ietf.org" <oauth@ietf.org>, Barry Leiba <barryleiba@computer.org>
Subject: Re: [OAUTH-WG] AD review of draft-ietf-oauth-urn-sub-ns-02
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Jun 2012 12:31:51 -0000

Hi Mike, 

the point is not that other groups, like OASIS, cannot use them. They can use the extensions. 

The question is more what process and documentation is needed to allow OASIS (and others) to define their own extensions. 

So far, OASIS had not been interested for any extension (at least from what I know). The OpenID community, to which you also belong, had defined extensions (and brought some of them to the IETF) but had been quite careful themselves to ensure proper review and documentation. 

So, if you look at the most important decision points then you have: 

1) do you want a requirement for a specification, i.e., when someone defines an extension do you want it to be documented somewhere? 

2) do you envision a review from experts (e.g., checking whether the stuff makes any sense or conflicts with some other already available extensions)? 

http://tools.ietf.org/html/rfc5226 provides a good discussion about this topic. 

If the answer to the above-listed questions is YES then you probably at least want 'Specification Required' as a policy. 

Ciao
Hannes


On Jun 21, 2012, at 10:49 PM, Mike Jones wrote:

> I'd argue that the registration regime chosen should be flexible enough to permit OASIS or OpenID specs to use it. Otherwise, as someone else pointed, people will work around the limitation by using unregistered values - which helps no one.
> 
> -- Mike
> 
> From: Barry Leiba
> Sent: 6/21/2012 12:31 PM
> To: Stephen Farrell
> Cc: oauth@ietf.org
> Subject: Re: [OAUTH-WG] AD review of draft-ietf-oauth-urn-sub-ns-02
> 
> >> Stephen:
> >> Yeah, I'm not sure Standards Track is needed.
> >
> > On this bit: I personally don't care, except that we don't have to do it twice
> > because someone later on thinks the opposite and wins that argument, which
> > I'd rather not have at all  (My one-track mind:-) Doing the 4 week last call means
> > once is enough. But I'm ok with whatever the WG want.
> 
> Well, it's not a 4-week LC, but a 2-week one.  Anyway, yes, I see your
> point, and I've done that with other documents.  Better to make it
> Standards Track for now, note in the shepherd writeup that
> Informational is probably OK, and let the IESG decide.
> 
> b
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
> 
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth

v2.14.0 | Report a Bug | By Email