Re: [regext] I-D Action: draft-ietf-regext-rdap-openid-18.txt

"Hollenbeck, Scott" <shollenbeck@verisign.com> Thu, 27 October 2022 12:11 UTC

From: "Hollenbeck, Scott" <shollenbeck@verisign.com>
To: "kowalik@denic.de" <kowalik@denic.de>, "regext@ietf.org" <regext@ietf.org>
Thread-Topic: [EXTERNAL] Re: [regext] I-D Action: draft-ietf-regext-rdap-openid-18.txt
Thread-Index: AQHY5Weiia259tEZ5UKYDvvPWCW1jK4d6iyAgARCd3A=
Date: Thu, 27 Oct 2022 12:11:33 +0000
Message-ID: <6de507a2d4bb4365863fe52123345e5e@verisign.com>
References: <c6967e00-d860-a1f4-cd70-ed26bae4f305@denic.de> <05ed620b-7ecf-bfae-1af4-0847850fc8f2@denic.de>
In-Reply-To: <05ed620b-7ecf-bfae-1af4-0847850fc8f2@denic.de>
Accept-Language: en-US
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/hvHf_9qAcUUIh_9vOvrdhm_ofHE>
Subject: Re: [regext] I-D Action: draft-ietf-regext-rdap-openid-18.txt

> -----Original Message-----
> From: Pawel Kowalik <kowalik@denic.de>
> Sent: Monday, October 24, 2022 10:58 AM
> To: Hollenbeck, Scott <shollenbeck@verisign.com>; regext@ietf.org
> Subject: [EXTERNAL] Re: [regext] I-D Action: draft-ietf-regext-rdap-openid-18.txt
>
>
> Hi Scott,
>
> On 19.10.22 at 14:13, Hollenbeck, Scott wrote:
> >>
> >>>> 1. How do we address web service clients?
> >> [PK] I think the elements we need for web service clients were
> >> already elaborated in the discussion over the version 17.
> >> I'm happy to support with text proposal if needed.
> > [SAH] Text would be appreciated. Something like this perhaps?
> >
> > 4.2.5 Web Service Clients
> >
> > <Paragraph that describes what a web service client is>
> >
> > 4.2.5.1 Web Service Client Login
> >
> > <Query parameters and/or path segment descriptions>
> >
> > 4.2.5.2 Web Service Client Session Management
> >
> > <Query parameters and/or path segment descriptions>
> >
> [PK] Please find attached my draft on Web Service Clients. Most of it is based
> on the concepts of the version 9. Scope "feature" is also included in the
> proposal.

[SAH] I've been testing the proposed additions with my functionally-limited 
RDAP server. I've found two minor things so far:

The tokens described in Section 4.2.5.2.1 should be placed in a named data 
structure. "farv1_tokens" could work.

As described in RFC 6749, OP support for refresh tokens is OPTIONAL. As such, 
return of the refresh_token should be OPTIONAL.

> Open point would be to add an optional possibility for 
> confidential/registered
> clients and some security considerations.

[SAH] Agreed.

Scott
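As an added illustration (not part of this thread, the draft text, or either author's code), here is a client-side parser for an RDAP response that carries OAuth 2.0 tokens in a named "farv1_tokens" member, as proposed above, with refresh_token handled as OPTIONAL per RFC 6749. The member name is the one suggested in the message, the token field names are those of the RFC 6749 Section 5.1 token response, and the two sample responses are constructed for this example.

```python
"""Parse OAuth 2.0 tokens carried in an RDAP response under a named
"farv1_tokens" member, treating refresh_token as OPTIONAL.

Assumptions (constructed for this example, not taken from the draft):
  - the member name "farv1_tokens" is the one proposed in the thread;
  - field names follow the RFC 6749 Section 5.1 token response.
"""
import json

# RFC 6749 Section 5.1: access_token and token_type are REQUIRED;
# expires_in is RECOMMENDED; refresh_token and scope are OPTIONAL.
REQUIRED_FIELDS = ("access_token", "token_type")
OPTIONAL_FIELDS = ("expires_in", "refresh_token", "scope")


class TokenError(ValueError):
    """Raised when the farv1_tokens member is missing or malformed."""


def parse_farv1_tokens(body: str) -> dict:
    """Return a normalized token record from an RDAP JSON response body.

    Missing refresh_token is not an error: an OP that does not support
    refresh tokens (RFC 6749, OPTIONAL) simply omits it, and the client
    must keep working with the access token alone.
    """
    doc = json.loads(body)
    tokens = doc.get("farv1_tokens")
    if not isinstance(tokens, dict):
        raise TokenError('response lacks a "farv1_tokens" object')

    for key in REQUIRED_FIELDS:
        value = tokens.get(key)
        if not isinstance(value, str) or not value:
            raise TokenError(f'"{key}" is required and must be a non-empty string')

    # RDAP over HTTPS uses bearer tokens; reject anything else up front.
    if tokens["token_type"].lower() != "bearer":
        raise TokenError(f'unsupported token_type "{tokens["token_type"]}"')

    record = {key: tokens[key] for key in REQUIRED_FIELDS}

    # expires_in, when present, must be a positive integer number of seconds.
    if "expires_in" in tokens:
        expires_in = tokens["expires_in"]
        if not isinstance(expires_in, int) or expires_in <= 0:
            raise TokenError('"expires_in" must be a positive integer')
        record["expires_in"] = expires_in

    # refresh_token is OPTIONAL: store None rather than failing when absent.
    # When present it is a long-lived credential and must be stored as a secret.
    refresh = tokens.get("refresh_token")
    if refresh is not None and (not isinstance(refresh, str) or not refresh):
        raise TokenError('"refresh_token", if present, must be a non-empty string')
    record["refresh_token"] = refresh

    scope = tokens.get("scope")
    record["scope"] = scope.split() if isinstance(scope, str) else []
    return record


def can_refresh(record: dict) -> bool:
    """True only if the OP issued a refresh token; otherwise the client must
    send the user through a fresh login when the access token expires."""
    return record["refresh_token"] is not None


# Constructed sample responses: one from an OP that issues refresh tokens,
# one from an OP that does not (both valid under RFC 6749).
SAMPLE_WITH_REFRESH = json.dumps({
    "rdapConformance": ["rdap_level_0"],
    "farv1_tokens": {
        "access_token": "example-access-token",
        "token_type": "Bearer",
        "expires_in": 3600,
        "refresh_token": "example-refresh-token",
        "scope": "openid profile",
    },
})

SAMPLE_WITHOUT_REFRESH = json.dumps({
    "rdapConformance": ["rdap_level_0"],
    "farv1_tokens": {
        "access_token": "example-access-token",
        "token_type": "Bearer",
        "expires_in": 900,
    },
})

if __name__ == "__main__":
    for body in (SAMPLE_WITH_REFRESH, SAMPLE_WITHOUT_REFRESH):
        rec = parse_farv1_tokens(body)
        print("refreshable" if can_refresh(rec) else "login required on expiry", rec)
```

The parser fails closed on a missing or malformed access token but tolerates a missing refresh token, which is the behaviour the OPTIONAL wording requires of clients; a server test suite can use the same two sample shapes to confirm both code paths.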