Re: [OAUTH-WG] Initial OAuth working group Device Flow specification
William Denniss <wdenniss@google.com> Thu, 18 February 2016 17:29 UTC
Return-Path: <wdenniss@google.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F376A1B3082 for <oauth@ietfa.amsl.com>; Thu, 18 Feb 2016 09:29:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.384
X-Spam-Level:
X-Spam-Status: No, score=-1.384 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.006, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J06GSZ3SE1i9 for <oauth@ietfa.amsl.com>; Thu, 18 Feb 2016 09:29:13 -0800 (PST)
Received: from mail-ob0-x229.google.com (mail-ob0-x229.google.com [IPv6:2607:f8b0:4003:c01::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 21E481B3074 for <oauth@ietf.org>; Thu, 18 Feb 2016 09:29:13 -0800 (PST)
Received: by mail-ob0-x229.google.com with SMTP id xk3so78172776obc.2 for <oauth@ietf.org>; Thu, 18 Feb 2016 09:29:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=krV1WC2lhwBXoatRuMn34sVUUTCvmw/odvSoz3dz/Wg=; b=VQcO49UnjQ8GtMW0F3Ke5AF1LScgUgEB4TNiBN2RDBT3Yxlk8U9ePJcVtMVyu6XQRq IT7WI6l1kT9z4nEeOkJpuooP9wVPXDWRlCSZaLrgAbhq8M2HYG9btw5XbQRW91sW2HIE 2XdV0e6RWk0diyX/l89hq0eKuhu0elL+UelZGEyYpSGJyoXKrOy7TRofKMFaJ53b9jYf puQ/v4X8BMbKOQLL6BLHGjvzxAAgVcIHW/S0wbeI9wD5VcIqlPIl34HBCc0gnX023/xd zDVOAOUwmTz0xzItc/brTX/Ld1XR8mlOUcdyPY480SLcV2cz4UxRo1++RFiripoZCfoW DZtg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=krV1WC2lhwBXoatRuMn34sVUUTCvmw/odvSoz3dz/Wg=; b=S1EkllR5Kf43wzO/nLY3+9m73YLSByQcFGBQxao17bmtGw280kbJIhrL+/SGHfJ+Qx w9Zdrw0fsz2LqMpRJRvKZrySgOkW1UPYW8DUJQpp30+4GR/rzup/kXP6aPJhCwtOpVtD p1eSG5erKMk8CQBpIHgcvLlAIwnpRJmHYLnIrb+SVKT2NX9W/CNdc6kBG6yHe6OG320t M902IOAmj7023nQm3G3x5vWtLFf+IpnYid5hhwDZj7SvbY2/5yY3LQa8Rnl5/xX8MHXu rKSXoNDcn/7iUhYvcoZRH6xsHMMHAN0/tUSM7Wm1HnVxNOSXLWrvEpj5t3UvgwtK9OPJ QqdA==
X-Gm-Message-State: AG10YOQs1Dop9HU3cKPhHcnWVija2rSY9hutoqDV65azIZt3xZUJEIF3rUJrb1Wn3w4O2k4xyYo7Ey51tkSDUzES
X-Received: by 10.182.97.2 with SMTP id dw2mr407765obb.20.1455816552122; Thu, 18 Feb 2016 09:29:12 -0800 (PST)
MIME-Version: 1.0
Received: by 10.182.227.39 with HTTP; Thu, 18 Feb 2016 09:28:52 -0800 (PST)
In-Reply-To: <CAGBSGjoaDHvDhqPw4781mk6Z+1P=4wHghTg7CdwV1CXovVXZgQ@mail.gmail.com>
References: <BY2PR03MB442A0B5B7BDCE7100215714F5AF0@BY2PR03MB442.namprd03.prod.outlook.com> <CAGBSGjoaDHvDhqPw4781mk6Z+1P=4wHghTg7CdwV1CXovVXZgQ@mail.gmail.com>
From: William Denniss <wdenniss@google.com>
Date: Thu, 18 Feb 2016 09:28:52 -0800
Message-ID: <CAAP42hAvrq-7Z03kZycCtyyJtnam=s64vUJZerD-ronwdAfMkA@mail.gmail.com>
To: Aaron Parecki <aaron@parecki.com>
Content-Type: multipart/alternative; boundary="047d7b2e501a72ed36052c0eb43b"
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/yzT3OpvjEQ4osNOux61gSn59fSM>
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Initial OAuth working group Device Flow specification
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Feb 2016 17:29:15 -0000
Thanks for your feedback, you make some very good points. Currently this draft was just resurrecting the previous draft and we've yet to do a pass on it yet based on our actual implementation experience. I'll make sure to address your points when we do. I agree that entering the code is NOT equivalent to granting authorization! That's not how we implemented it. On Thu, Feb 18, 2016 at 8:51 AM, Aaron Parecki <aaron@parecki.com> wrote: > I had previously made some comments on this back in November, but never > heard any response. These were things I ran into while implementing the > device flow on one of my servers. > > https://mailarchive.ietf.org/arch/msg/oauth/JzH-isRij9kCpbEJpXVqwZ6XjjU > > https://mailarchive.ietf.org/arch/msg/oauth/XQJ4e_kgBOfn3tkTBXf6bYVNGJE > > ---- > Aaron Parecki > aaronparecki.com > @aaronpk <http://twitter.com/aaronpk> > > > On Thu, Feb 18, 2016 at 12:34 AM, Mike Jones <Michael.Jones@microsoft.com> > wrote: > >> Thanks to William Denniss for creating the initial working group version >> of the OAuth 2.0 Device Flow specification. The abstract of the >> specification is: >> >> >> >> The device flow is suitable for OAuth 2.0 clients executing on devices >> which do not have an easy data-entry method (e.g., game consoles, TVs, >> picture frames, and media hubs), but where the end-user has separate access >> to a user-agent on another computer or device (e.g., desktop computer, a >> laptop, a smart phone, or a tablet). >> >> >> >> Note: This version of the document is a continuation of an earlier, long >> expired draft. The content of the expired draft has been copied almost >> unmodified. The goal of the work on this document is to capture deployment >> experience. >> >> >> >> If you’re using an OAuth device flow, please let us know whether this >> specification matches your usage, and if not, how yours differs. >> >> >> >> The specification is available at: >> >> · http://tools.ietf.org/html/draft-ietf-oauth-device-flow-00 >> >> >> >> An HTML-formatted version is also available at: >> >> · http://self-issued.info/docs/draft-ietf-oauth-device-flow-00.html >> >> >> >> -- Mike >> >> >> >> P.S. This notice was also posted at http://self-issued.info/?p=1546 and >> as @selfissued <https://twitter.com/selfissued>. >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> >> > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > >
- [OAUTH-WG] Initial OAuth working group Device Flo… Mike Jones
- Re: [OAUTH-WG] Initial OAuth working group Device… Aaron Parecki
- Re: [OAUTH-WG] Initial OAuth working group Device… William Denniss