IETF Logo Mail Archive

[OAUTH-WG] Info on how to implement a server

"Salz, Rich" <rsalz@akamai.com> Sat, 17 August 2019 17:23 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A47F120145 for <oauth@ietfa.amsl.com>; Sat, 17 Aug 2019 10:23:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eGSqwWIF4ca6 for <oauth@ietfa.amsl.com>; Sat, 17 Aug 2019 10:23:39 -0700 (PDT)
Received: from mx0b-00190b01.pphosted.com (mx0b-00190b01.pphosted.com [IPv6:2620:100:9005:57f::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 01FEC1200D7 for <oauth@ietf.org>; Sat, 17 Aug 2019 10:23:38 -0700 (PDT)
Received: from pps.filterd (m0122330.ppops.net [127.0.0.1]) by mx0b-00190b01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id x7HHLf6o022891 for <oauth@ietf.org>; Sat, 17 Aug 2019 18:23:37 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : subject : date : message-id : content-type : mime-version; s=jan2016.eng; bh=dnkHmDw3ZnLK5N4tEjVxtI/f6vgbM7S1AvRTVsO2TdA=; b=Zgf3u8vIw1Vn6ftIsmlRL3nET4CcQd/tqTHLXN/agyt8damLJkoWbLUbEkbcX7/9RbXy EeDQPwkwIe16W3D4OnotwsustH7Yk09izuWOAJl08YZg1H22iJ8suRD59NAUkNrfGJBj DCxMH1uj3fwk3iVDd6y61KYEt6AMl9FWoIg3tMDBozpSN8Q+Ej54QjjHSzP4cILENWWZ gUwkvyecrA5AJtVtCOauEdBThL5BJboIxSMEylI5YhrBM/e/CbSG63MNZ0RVPj2E02u/ xe7tUEj8aHUv1d4wawnMm1cxGkM4mykZMeCNaulV5dfEv4cp8UupKXr7FTANF180gkDw NA==
Received: from prod-mail-ppoint4 (prod-mail-ppoint4.akamai.com [96.6.114.87] (may be forged)) by mx0b-00190b01.pphosted.com with ESMTP id 2ue97tt816-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <oauth@ietf.org>; Sat, 17 Aug 2019 18:23:37 +0100
Received: from pps.filterd (prod-mail-ppoint4.akamai.com [127.0.0.1]) by prod-mail-ppoint4.akamai.com (8.16.0.27/8.16.0.27) with SMTP id x7HHH7Zt000542 for <oauth@ietf.org>; Sat, 17 Aug 2019 13:23:36 -0400
Received: from email.msg.corp.akamai.com ([172.27.123.32]) by prod-mail-ppoint4.akamai.com with ESMTP id 2uecwyd5d8-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for <oauth@ietf.org>; Sat, 17 Aug 2019 13:23:35 -0400
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com (172.27.123.101) by usma1ex-dag1mb6.msg.corp.akamai.com (172.27.123.65) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Sat, 17 Aug 2019 13:23:34 -0400
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com ([172.27.123.101]) by usma1ex-dag1mb1.msg.corp.akamai.com ([172.27.123.101]) with mapi id 15.00.1473.005; Sat, 17 Aug 2019 13:23:34 -0400
From: "Salz, Rich" <rsalz@akamai.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: Info on how to implement a server
Thread-Index: AQHVVSB+mqzXXWtHJ0yU+TjhKS0hzg==
Date: Sat, 17 Aug 2019 17:23:33 +0000
Message-ID: <D3FB5975-2448-445B-8B48-0A46D43E0A99@akamai.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.1c.0.190812
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.19.33.94]
Content-Type: multipart/alternative; boundary="_000_D3FB59752448445B8B480A46D43E0A99akamaicom_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-08-17_08:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=563 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1906280000 definitions=main-1908170188
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:5.22.84,1.0.8 definitions=2019-08-17_08:2019-08-16,2019-08-17 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 clxscore=1011 priorityscore=1501 suspectscore=0 lowpriorityscore=0 bulkscore=0 phishscore=0 spamscore=0 mlxlogscore=554 impostorscore=0 mlxscore=0 malwarescore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1906280000 definitions=main-1908170189
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/z2Gg4WibsfwpJxlQmV-8JovSo6w>
Subject: [OAUTH-WG] Info on how to implement a server
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 17 Aug 2019 17:23:40 -0000

What’s the WG consensus (heh) on the best guide to adding OAUTH support to an existing server so that it can act as an identity provider?  Which version of oauth is most widely deployed by relying parties these days?

I want to add OAUTH support to the IETF datatracker.

Thanks for any pointers.  Replies to me will be summarized for the list.

                /r$

v2.23.0 | Report a Bug | By Email