Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for Native Apps
Nat Sakimura <sakimura@gmail.com> Wed, 20 January 2016 20:08 UTC
Return-Path: <sakimura@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D3E3D1A87AB for <oauth@ietfa.amsl.com>; Wed, 20 Jan 2016 12:08:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QmOpRDVFGNqy for <oauth@ietfa.amsl.com>; Wed, 20 Jan 2016 12:08:55 -0800 (PST)
Received: from mail-qk0-x229.google.com (mail-qk0-x229.google.com [IPv6:2607:f8b0:400d:c09::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 11FE11A87A1 for <oauth@ietf.org>; Wed, 20 Jan 2016 12:08:55 -0800 (PST)
Received: by mail-qk0-x229.google.com with SMTP id s68so7689640qkh.3 for <oauth@ietf.org>; Wed, 20 Jan 2016 12:08:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=TqtDQ+t3XH6fPOuKTK4DtUS7X9KHBtgdhr2VB+I08aM=; b=CdhRhu/0uu9oeog2TAMuAU5ZjtuHnoK4qJ791uIHwPylRRO/G2nJq3+OeAkD+BfP5t NykC6HF2+bK7hKUYZCCcPHwkyMl3h1s0yv34bxC1qHCTPOhkcXygtjo/dCe455xx0/qh 2lDT3kVeDFIXguZZYkva8d74eeKLHjwFvhFDJ65EubbyANPPKS4aziKnRmjFeFz37eDJ eKTpj0+7fqcUZapvHgs0AjIvdpqT4B/TPO/u1o5vaLnURpmDKrAtlnxIpAx9ubdmv4Tq B/BMyQ4+VmrHVufmCi//Feh0Hv258e0l/VLAZ/9SbCksao7sx/v3GObKOaxuUI8ZxgFt UaWA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=TqtDQ+t3XH6fPOuKTK4DtUS7X9KHBtgdhr2VB+I08aM=; b=SDXrAUxFETabh5g02DLgko0hfQteWxIyvzFhh0xtOqr5nkJM/YOIIkzeneeja3Mh72 UdJswOYShYzbDlQVM7ESmyRCZVQwY6RN7f3abIZrpXpTdn/wj+cywfoKO0bvcXck7EN6 s4HlKLBPqKp3HVAm8OseNZUHhZj0gXjF1H5fgPaFs6b4JnkQHpeszdMFY6YQntalbH2e xkIwZyHnzG5RDQSoUmQzmYzpJRdd65O8x+pQ9WPu2qKx0Z6Nln3fykr8yYiYE3K5ob8o aQSwT5TvvI/KhNTUEhixSQblWhreKAbFs7R12s21x9S0FcKXOReRVUh/90U8kr3lKPUu LuPQ==
X-Gm-Message-State: ALoCoQk1UFnRlpakK/xQpnYqq0QDlGfTTHVNSbON5FarkBzW8XmxwcM63jHx7EM4/tbN5qNFFth9g8TE5amAu2UQ8fFmGuHrZQ==
MIME-Version: 1.0
X-Received: by 10.55.15.139 with SMTP id 11mr47157664qkp.50.1453320534214; Wed, 20 Jan 2016 12:08:54 -0800 (PST)
Received: by 10.55.197.80 with HTTP; Wed, 20 Jan 2016 12:08:54 -0800 (PST)
In-Reply-To: <E0918F9D-CA19-47F7-9A87-EBBA55A0B481@ve7jtb.com>
References: <569E2231.1010107@gmx.net> <CAGBSGjpwZ929ZZHYiNpvqLvMDBrVFWaffZLQPwZn_xj7phsrpw@mail.gmail.com> <6ADAA1B5-7EF9-49EA-A3D9-6EFC57275EB9@ve7jtb.com> <CA+k3eCS1ifU+QJyFtA=gOjSneg3Vh=3bf0CjnEijKTy=-9_xsw@mail.gmail.com> <E0918F9D-CA19-47F7-9A87-EBBA55A0B481@ve7jtb.com>
Date: Thu, 21 Jan 2016 05:08:54 +0900
Message-ID: <CABzCy2BKZ-2GXrgD7FuvTSQ9DB2xYU1URDMBTpmhdG-NwMDc7A@mail.gmail.com>
From: Nat Sakimura <sakimura@gmail.com>
To: John Bradley <ve7jtb@ve7jtb.com>
Content-Type: multipart/alternative; boundary="001a1147446e2fcfdf0529c98ea0"
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/z8O_UtRVHxtJLE1v850N4c5HZ9g>
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for Native Apps
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Jan 2016 20:08:58 -0000
+1 for moving this forward. 2016年1月21日木曜日、John Bradley<ve7jtb@ve7jtb.com>さんは書きました: > Yes more is needed. It was theoretical at that point. Now we have > implementation experience. > > On Jan 20, 2016, at 3:38 PM, Brian Campbell <bcampbell@pingidentity.com > <javascript:_e(%7B%7D,'cvml','bcampbell@pingidentity.com');>> wrote: > > There is > https://tools.ietf.org/html/draft-wdenniss-oauth-native-apps-00#appendix-A > which has some mention of SFSafariViewController and Chrome Custom Tabs. > > Maybe more is needed? > > On Wed, Jan 20, 2016 at 10:45 AM, John Bradley <ve7jtb@ve7jtb.com > <javascript:_e(%7B%7D,'cvml','ve7jtb@ve7jtb.com');>> wrote: > >> Yes, in July we recommended using the system browser rather than >> WebViews. >> >> About that time Apple announced Safari view controller and Google Chrome >> custom tabs. The code in the OS is now stable and we have done a fair >> amount of testing. >> >> The OIDF will shortly be publishing reference libraries for iOS and >> Android to how how to best use View Controllers, and PKCE in native apps on >> those platforms. >> >> We do need to update this doc to reflect what we have learned in the last >> 6 months. >> >> One problem we do still have is not having someone with Win 10 mobile >> experience to help document the best practices for that platform. >> I don’t understand that platform well enough yet to include anything. >> >> John B. >> >> On Jan 20, 2016, at 12:40 PM, Aaron Parecki <aaron@parecki.com >> <javascript:_e(%7B%7D,'cvml','aaron@parecki.com');>> wrote: >> >> The section on embedded web views doesn't mention the new iOS 9 >> SFSafariViewController which allows apps to display a system browser within >> the application. The new API doesn't give the calling application access to >> anything inside the browser, so it is acceptable for using with OAuth >> flows. I think it's important to mention this new capability for apps to >> leverage since it leads to a better user experience. >> >> I'm sure that can be addressed in the coming months if this document is >> just the starting point. >> >> I definitely agree that a document about native apps is necessary since >> the core leaves a lot of guessing room for an implementation. >> >> For reference, >> https://developer.apple.com/library/prerelease/ios/releasenotes/General/WhatsNewIniOS/Articles/iOS9.html#//apple_ref/doc/uid/TP40016198-DontLinkElementID_26 >> >> And see the attached screenshot for an example of what it looks like. >> >> <embedded-oauth-view.png> >> >> ---- >> Aaron Parecki >> aaronparecki.com >> @aaronpk <http://twitter.com/aaronpk> >> >> >> On Tue, Jan 19, 2016 at 3:46 AM, Hannes Tschofenig < >> hannes.tschofenig@gmx.net >> <javascript:_e(%7B%7D,'cvml','hannes.tschofenig@gmx.net');>> wrote: >> >>> Hi all, >>> >>> this is the call for adoption of OAuth 2.0 for Native Apps, see >>> http://datatracker.ietf.org/doc/draft-wdenniss-oauth-native-apps/ >>> >>> Please let us know by Feb 2nd whether you accept / object to the >>> adoption of this document as a starting point for work in the OAuth >>> working group. >>> >>> Note: If you already stated your opinion at the IETF meeting in Yokohama >>> then you don't need to re-state your opinion, if you want. >>> >>> The feedback at the Yokohama IETF meeting was the following: 16 persons >>> for doing the work / 0 persons against / 2 persons need more info >>> >>> Ciao >>> Hannes & Derek >>> >>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org <javascript:_e(%7B%7D,'cvml','OAuth@ietf.org');> >>> https://www.ietf.org/mailman/listinfo/oauth >>> >>> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org <javascript:_e(%7B%7D,'cvml','OAuth@ietf.org');> >> https://www.ietf.org/mailman/listinfo/oauth >> >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org <javascript:_e(%7B%7D,'cvml','OAuth@ietf.org');> >> https://www.ietf.org/mailman/listinfo/oauth >> >> > > -- Nat Sakimura (=nat) Chairman, OpenID Foundation http://nat.sakimura.org/ @_nat_en
- [OAUTH-WG] Call for adoption: OAuth 2.0 for Nativ… Hannes Tschofenig
- Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for N… Anthony Nadalin
- Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for N… William Denniss
- Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for N… Justin Richer
- Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for N… Aaron Parecki
- Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for N… John Bradley
- Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for N… Brian Campbell
- Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for N… Brian Campbell
- Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for N… John Bradley
- Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for N… Nat Sakimura
- Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for N… John Bradley
- Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for N… Anthony Nadalin
- Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for N… William Denniss
- Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for N… Antonio Sanso
- Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for N… Roland Hedberg
- Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for N… George Fletcher
- Re: [OAUTH-WG] Call for adoption: OAuth 2.0 for N… Phil Hunt