Re: [Txauth] Call for WG name preferences - process clarification

Bron Gondwana <> Thu, 04 June 2020 01:09 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id D60BB3A0C0A for <>; Wed, 3 Jun 2020 18:09:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key) header.b=ZylopLZS; dkim=pass (2048-bit key) header.b=CXymA8zp
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id c-ind4DF25X8 for <>; Wed, 3 Jun 2020 18:09:11 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 3F9573A0C0C for <>; Wed, 3 Jun 2020 18:09:11 -0700 (PDT)
Received: from compute1.internal (compute1.nyi.internal []) by mailout.west.internal (Postfix) with ESMTP id 63CA57B8 for <>; Wed, 3 Jun 2020 21:09:10 -0400 (EDT)
Received: from imap7 ([]) by compute1.internal (MEProxy); Wed, 03 Jun 2020 21:09:10 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=; h=mime-version:message-id:in-reply-to :references:date:from:to:subject:content-type; s=fm2; bh=EpLCNsq abHWbZFq3+t+BR3XUQnlsqHf3TPZrjY8dPnQ=; b=ZylopLZS9oo9KOA+WLWihFb ZKIjiUtb9jJVsZcfZJGWzzwk3q+ZU4yrnHfW6zSShemKiNU+FwNo5LF8Z9whcbLQ rO+jHJbKipncLjVeiJDYhz9If5EhlKTw3mCcsY2o8pfR37+7AL2HWU5wwr+3H43S ENPByoffh2jqD5RqcuJUQj5yJs1D4vGI0MH0zYUvzb9J89GsNB37INnZuCj9Gfhh oHpHgMnEtVKhMnfiALWy6HohxKUqrA1GnvaWKGysy9rYIs39p/LwUBp4qYZFPLAn x88OuUBAkVd7ZlNFdY7nrJNkpfNUn/1TO1xKQ+hzGp9hX0wxRXkbp6otFwbcHCQ= =
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=EpLCNs qabHWbZFq3+t+BR3XUQnlsqHf3TPZrjY8dPnQ=; b=CXymA8zpcyer90PJd9Wh6k NMrZVvn+OGAt6qfl6ScuhxKp/WlM7sdnQdV0krFY2tl8c34dv9+TdZrYJjTe/ZZc 1R/JWI2H9HfAN/osb7rNjDT4ng+SibenktXIhyjmf07q3JR3fF0W/5lD46tx2WPi udR4uovQcdV4dw5jC82pmlyTEVbmoCNBwbUaR1G2Gfyv2y41Vc/zU9EMjbGEey2C rHImquoHjImShX3hx/3Hwca8yiS0BwYRG8RK088N9/qe63fiDDsEZOiwfyEskuL1 HMu4M1C6hvn/W4oHw00FUf9WMPrfy96DMDXFHUNQ2EepVXE3lqZ/VAzlgHHK1r4g ==
X-ME-Sender: <xms:tUnYXuPsadmcMPa5NRKR7s9HicRr9PPrXuaD3SUBwJ4xw51Q8GH8rQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduhedrudegtddggeduucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfgjfhffhffvufgtsegrtd erreerreejnecuhfhrohhmpedfuehrohhnucfiohhnugifrghnrgdfuceosghrohhnghes fhgrshhtmhgrihhlthgvrghmrdgtohhmqeenucggtffrrghtthgvrhhnpeffvdekfeegle eiueettddtffehveevffefkeduvddttdekiefgjeduvdfhvdduleenucffohhmrghinhep ihgvthhfrdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilh hfrhhomhepsghrohhnghesfhgrshhtmhgrihhlthgvrghmrdgtohhm
X-ME-Proxy: <xmx:tUnYXs_qJ0CS7K7088yIyXue2RGjAQJf4vonjO_GniihfRUFOsw5Qw> <xmx:tUnYXlRMKR5JUPJLLZEKQodNc0T75cRHLgBDWpFETguvSKweNFqD5Q> <xmx:tUnYXutjfGwUjkt33gTVAv9hwl54PBO-h5OJI8c7AqB2yzZbOu75Xg> <xmx:tknYXl-C59G4Ho1ifWgJjqJ0qEnZj2aNLMzsGfC820IEFlvqlJd-eA>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 96DD3180091; Wed, 3 Jun 2020 21:09:09 -0400 (EDT)
X-Mailer: Webmail Interface
User-Agent: Cyrus-JMAP/3.3.0-dev0-519-g0f677ba-fm-20200601.001-g0f677ba6
Mime-Version: 1.0
Message-Id: <>
In-Reply-To: <>
References: <> <>
Date: Thu, 04 Jun 2020 11:08:48 +1000
From: "Bron Gondwana" <>
Content-Type: multipart/alternative; boundary=fe64532dd300469a9259aa7befe73803
Archived-At: <>
Subject: Re: [Txauth] Call for WG name preferences - process clarification
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 04 Jun 2020 01:09:14 -0000

I'm just gonna do objections. I object to:

*BYOAuthZ* Build-Your-Own Authorization Protocol
*DIYAuthZ * Do-It-Yourself Authorization Protocol

F&$^ no. If I wanted an abstract toolkit factory protocol interface, I'd go get OAuth2. Can we please pretty please focus on building an interoperable thing rather than a framework. Starting with a name that doesn't scream "framework".

*RefAuthZ* Refactored Authorization Protocol
*ReAuthZ* Reimagined Authorization Protocol

Re* sucks for a long term name.

*TINOA* This Is Not OAuth

"This is not" sucks for a long term name.
*WRAC* Web Resource Authorization Collaboration

I'd prefer not to explicitly be "web" because that's an environment constraint which suggests this won't be useful to non-web protocols.

*XAuthZ* eXtensible authoriZation protocol

Feels like it needs "Y" in there somewhere to collect the set of late-alphabet letters.

Mostly I'm only posting this because I know it sucks to not get feedback, and there have only been a few responses. To be honest though, which choice we make matters a lot less than making a choice. There's a meta thing about standards in general here and trying to please everybody by making everything optional and configurable to the point where nothing interoperates. Ho hum.


On Fri, May 22, 2020, at 20:32, Yaron Sheffer wrote:
> Thank you David for pointing out the loophole in my previous mail. As a result, we have decided to limit the time when new names may be proposed. If you have new name ideas, please make sure to share them until 0800 UTC, Tuesday, May 26.
> All others, if you want to make sure you are commenting on the full name list, please hold off until after Monday.
> Apologies for the process confusion, we are building it as we go.
> Thanks,
> Yaron
>  On 5/21/20, 11:53, "Yaron Sheffer" <> wrote:
>  Thank you to those who contributed early replies!
>  As a refinement/clarification to the process below: we are now focusing on discussion and making sure there are no strong objections, rather than voting on people's favorite name.
>  With that in mind, we strongly encourage people to attach an explanation to each name they object to. Therefore for names that are on neither of your lists ("wouldn't object to" and "object to"), our default assumption is that you would NOT object to them.
>  With the process now finalized, please take a few minutes and provide us with your name lists. As a reminder, the deadline is 0800 UTC June 4, 2020.
>  Thanks,
>  Yaron
>  On 5/19/20, 23:34, "Yaron Sheffer" <> wrote:
>  Hi!
>  After reviewing the community feedback and discussions with the AD, we’d like to again launch a process to elicit feedback on naming. Our proposal is below. We’d appreciate any clarifying questions, proposed improvements or objections by 0800 UTC, Thursday, May 21st .
>  Thanks,
>  Yaron and Dick 
>  PS, I’m sharing the load with Dick and taking point on this consensus call -- Yaron
>  ----
>  Before we submit the draft charter [1] to the IESG, we wanted to explore the name of the group. During the chartering discussions, some people objected to the BoF name being the WG name. We’d like to get consensus on what the WG name should be. Our first attempt to elicit input [2] wasn’t successful, and this is a second attempt to get consensus from the community.
>  To get to consensus, we want to gather preferences on the currently known WG name candidates. Our goal is not to select the most popular name -- it is to select a name everyone can live with and ensure that we understand and weigh any objections there might be with that choice. To that end, we’d like to elicit your name preferences in the following way:
>  (1) In previous discussions, the following candidate names have been voiced (we have listed only these names that received at least one vote previously):
>  * AAuthZ Alternative Authorization Protocol (AAuthZ)
>  * AZARP AuthoriZed Access to Resources Protocol
>  * AZARAP AuthoriZation And Resource Access Protocol
>  * BeBAuthZ Back-end Based Authorization Protocol
>  * BYOAuthZ Build-Your-Own Authorization Protocol
>  * CPAAP Comprehensive Privileged Authentication Authorization Protocol
>  * DAZARAP Delegated AuthoriZation And Resource Access Protocol
>  * DIYAuthZ Do-It-Yourself Authorization Protocol
>  * GNAP Grant Negotiation and Authorization Protocol
>  * GranPro GRAnt Negotiation Protocol
>  * IDPAuthZ Intent Driven Protocol for Authorization
>  * NIRAD Negotiation of Intent Registration and Authority Delegation
>  * PAuthZ Protocol for Authorization
>  * RefAuthZ Refactored Authorization Protocol
>  * ReAuthZ Reimagined Authorization Protocol
>  * TIAAP Tokenized Identity and Access Protocol
>  * TIDEAuth Trust via Intent Driven Extension Auth
>  * TIDYAuth Trust via Intent Driven Yield Auth
>  * TIEAuth Trust via Intent Extension Auth
>  * TINOA This Is Not OAuth
>  * TXAuth Testable eXtensible Authorization
>  * TxAuth Transmission of Authority
>  * TXAuth Truly eXtensible Authorization
>  * XAuthZ eXtensible authoriZation protocol
>  We would ask that you consider these names, and respond to the list with your selection of the following two categories:
>  * “Wouldn’t Object” -- this is not necessarily your preferred name, but you would be comfortable with it being the name of the WG (choose as many names as you want)
>  * “Object” -- you would be uncomfortable with the WG being named in this way (choose as many names as you want; please provide an explanation)
>  (2) If your preferred name isn’t in the list per (1), you can send a note to the mailing list stating that you’d like the WG to consider a new name. Please ensure the name adheres to the previously discussed naming criteria at [3]. We still request that you provide your other preferences and objections.
>  (3) If you previously sent in your preferences, but a new name suggestion or someone’s objection changed your mind, then send another message to the mailing list with your revised preferences. For the purposes of consensus, we’ll assume that everyone who hasn’t commented on a new name introduced per (2) “objects” to it (i.e., we want to hear positive confirmation of preference on new names).
>  (4) Please provide your input by 0800 UTC June 4, 2020.
>  With that input, our plan is to assess rough consensus in the following way:
>  (a) See if there is consensus for a name identified given the “wouldn’t object to being the WG name” preference and the level of “would object” feedback
>  (b) If there isn’t clear consensus with (a), but a significantly reduced set of candidates around which there is enthusiasm, the chairs will share the results and request feedback
>  (c) If rough consensus appears to be reached through steps (a) – (b), revisit the objections to this candidate name, elicit additional objections and see if they change the consensus.
>  Regards,
>  Yaron and Dick
>  [1]
>  [2]
>  [3]
> -- 
> Txauth mailing list

 Bron Gondwana, CEO, Fastmail Pty Ltd