IETF Logo Mail Archive

Re: [GNAP] How to Learn

Justin Richer <jricher@mit.edu> Fri, 08 September 2023 20:52 UTC

Return-Path: <jricher@mit.edu>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D019C14CF09 for <txauth@ietfa.amsl.com>; Fri, 8 Sep 2023 13:52:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mit.edu
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MrOrkokg_Pj7 for <txauth@ietfa.amsl.com>; Fri, 8 Sep 2023 13:52:32 -0700 (PDT)
Received: from outgoing-exchange-3.mit.edu (outgoing-exchange-3.mit.edu [18.9.28.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 13761C15153D for <txauth@ietf.org>; Fri, 8 Sep 2023 13:52:31 -0700 (PDT)
Received: from oc11exedge2.exchange.mit.edu (OC11EXEDGE2.EXCHANGE.MIT.EDU [18.9.3.18]) by outgoing-exchange-3.mit.edu (8.14.7/8.12.4) with ESMTP id 388KqTNj023630; Fri, 8 Sep 2023 16:52:30 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mit.edu; s=outgoing; t=1694206350; bh=1e0PBKaEGtWt7CQTHfU0eb11WrQSiJbA4UKY2ezRXI0=; h=From:Subject:Date:Message-ID:Content-Type:MIME-Version; b=kUuotkRBvVkCiuGB+Xnb8+D36ocY/Lj/CkbbL+evB0scfyMv6NKKRZ+WVqG7eUV7r VXhvusupdUezAR6dxC2RJN55X5+IVe4rrP+MsFYt66TTm02uwwc7p+9ljuEMbhZuuq FBR8KNKdkmNx0lOiywLrjCkWvZ52/+R8IfyyfqkbL1ta4uAy+qFk1uzdXUyMXlOvGT bR9uNbL2wo6idowCtbJtpACrtU8IULN3QmS5Q73qwhLOLCTgnvH1RiGMzYbZPwl4dc 5C1LcXF3Yz/2Bnu4xlIQmliXfsPvc4QcENAROMnT7H8bHMCg7H6AEamE8C/hlUKNUN kn26XZY+5vvEQ==
Received: from w92expo17.exchange.mit.edu (18.7.74.71) by oc11exedge2.exchange.mit.edu (18.9.3.18) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Fri, 8 Sep 2023 16:51:37 -0400
Received: from oc11exhyb5.exchange.mit.edu (18.9.1.110) by w92expo17.exchange.mit.edu (18.7.74.71) with Microsoft SMTP Server (TLS) id 15.0.1497.42; Fri, 8 Sep 2023 16:52:28 -0400
Received: from NAM10-BN7-obe.outbound.protection.outlook.com (104.47.70.107) by oc11exhyb5.exchange.mit.edu (18.9.1.110) with Microsoft SMTP Server (TLS) id 15.0.1497.48 via Frontend Transport; Fri, 8 Sep 2023 16:52:28 -0400
Received: from DM6PR01MB4444.prod.exchangelabs.com (2603:10b6:5:78::15) by LV3PR01MB8486.prod.exchangelabs.com (2603:10b6:408:19d::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6745.32; Fri, 8 Sep 2023 20:52:27 +0000
Received: from DM6PR01MB4444.prod.exchangelabs.com ([fe80::7fe8:9de9:e874:3835]) by DM6PR01MB4444.prod.exchangelabs.com ([fe80::7fe8:9de9:e874:3835%4]) with mapi id 15.20.6768.029; Fri, 8 Sep 2023 20:52:27 +0000
From: Justin Richer <jricher@mit.edu>
To: Josh Fischer <josh@joshfischer.io>
CC: "txauth@ietf.org" <txauth@ietf.org>
Thread-Topic: [GNAP] How to Learn
Thread-Index: AQHZ4pEmJ4ZSqvjEf0uh2GiFP6A9DrARZ5AA
Date: Fri, 08 Sep 2023 20:52:27 +0000
Message-ID: <0F1A0FA5-D057-4B41-9841-E79B9BA69533@mit.edu>
References: <CAFkuAo3gJxM8oWqJoYYj7BFJ=8G4+GvwQExwPevhJPE4FoXvew@mail.gmail.com>
In-Reply-To: <CAFkuAo3gJxM8oWqJoYYj7BFJ=8G4+GvwQExwPevhJPE4FoXvew@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=mit.edu;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DM6PR01MB4444:EE_|LV3PR01MB8486:EE_
x-ms-office365-filtering-correlation-id: 367e3200-61ef-45d4-1b8d-08dbb0ad82be
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: D0x4M0j35tnIjBaeluQ5Baaspuxu6sD9V7DCSsEUOTEIK6KEZcsFUq343rviupX3czrRYBQKeQnqtZx/nL4vtH2C9vFTJhS3qd+hijUj6mcPHowcGQQ84YGQDpcimsStR1EziE7nWY0RE3dMKnl+jrGkjp6TdMi4/30rTIzWFGnslCAlB3Fv6MVijWczhcK1YuNWT9Q6QcTX1vsY/elnCU7h6aWGyIUXMQgTbCy4sRqc4ZniC0n7IG/CI1D+0byRbH8xVhQoDV8760oU30P5iH+VsbA8PFiHbFwdqQARBFp1tbhg0/fAxSZDbDdlxg01OQKpSAF4x1Iv+Tns1wpO+UpuNKr1eBiZaJWrRJo8BcSLrRDX9FwU2IwwjOHznD1+kCBgY7noKYuAjU9k4h9ZiGZL4RpcJgHQT47xnRQeL8/O8XsByi/H8bNIed7la3bHulNm/yIQY3AalsuLFNy2yM4t7rMLxW2ntn9xiRYh5RtV8NkhfM0EnQwOx3XsCxwAnl0LLp52PNgtj5qW6RTBnYm5qWduqVueDKfKNHXLkFtpvU1pTWpA59EwxzhvvClaBApWn6ki8k9aHK+5RaEEabJ/LCxdsd9ctBfR1UPqjVYp4eL2pTkTHt8UBmgIen5pDuR10bfVMWp2K1/vLmQoBw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR01MB4444.prod.exchangelabs.com; PTR:; CAT:NONE; SFS:(13230031)(346002)(366004)(376002)(136003)(396003)(39860400002)(1800799009)(451199024)(186009)(8936002)(4326008)(5660300002)(786003)(64756008)(66946007)(6916009)(66556008)(316002)(36756003)(2906002)(8676002)(66476007)(76116006)(91956017)(66446008)(41300700001)(478600001)(75432002)(6486002)(6506007)(6512007)(53546011)(122000001)(166002)(71200400001)(26005)(83380400001)(86362001)(2616005)(38100700002)(33656002)(38070700005)(966005); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: E5T2MtJISgq1+E6OPP17E0OM7GSGJmz3TN1qlARsXkuhk1JbKP+aJ8q2S+SDY6yOPI9OlZUtbsBP0BzG1pZ89m4qtRmgMtb3shtM0vjQ91WFQQ4NK/tkM/X7VUjCDDpgIoUeOT5eUilGAsoakj7htq5OmyKhtfc2FLQsC8ERogVpClCppvSSWqHnck2S+8mIXNQyYKD4Ic6pk3wqbfraD7d2Ls0oyRMgD8CcKAr34OE+Kl0xRNK8MCTKYl6ttnCTstFir3R2dZGSmYNM+2OX0e3IDiUkM5pAtybp9I+/c1zu9Vv8JQ9Bf+Kcd8+sO7qvrPYYAOqfFmlte8atEf93XZMGrffPQ9QcFFLkS008B1G4pqqn9VLKxsEWArXVLSLDSgeRPS2z8brlKon6wcvnW9N5BbXhSABQrByJGjgWknxMdmKaqIjfTFKBhKgC5PdViUt/K9HWx4GcNWgWz0ndrh5WEUWV+4is3/6SWURHVEEvM6RzEMh5Xo5NOM4qo0iiyRBJIPFn8jP9Hpcf5XwjOgOP6WcQCqgOWrNhXWSq3v4NJ0LSWGKJxIG5z6CNJV1RqJGvz46NzJBFuVdFa+Xsg0W/1J1ho7U737t9H5U5fkyc0sanMGenGzbRY/3UXjZl+F3883DkQemwJIF2Wa1bu0XTDZVwtz79//59HntZ9Y4TDxeAcpfsEPpCG+yw2kGmSxXT9aezvLCHeXOecuzcpkLX3FkKKPpuCmNkcrHEMnHh0PvTnDrRHCiIiT0tJssxieX+HRcivgeoiCBl6ITW2PozTLJEeLRReiI8FjBD45kAOE+rhhm2eP5bdQDN7NokW0OL0wtud/wrsoVfeR64Q7f+M/zCwmCH0LPDdlNxeCJpR/ea952Ow2dOTCI6Q8TF/3/4jUUTlOW5O0mDCbNAq2j64dyD/o1Ro5XW9Z0E3lQvKlJ4OnuJqLKCgzbA98Xci0IEXL3jegvRew4LqFSc9Ol477pPC2jPbq7u6qZ8susbjaGl1e49ikZC7hx3wuDxsdGuMf435MK4pzLB0Wy9bSkLtemO0vmQ9yDQc8fk1bjbStveyOT8QrT9d/sOKNY4EA8dJt1ZnXZU7rUrwfL16rQUmw650NfuS5pFtI4YDXVMIDTzGCiEDN0vSVaWRdIvJ0GTuW54yfbtLRAE/2r5TU7n5QpOjCjATQLqviQrWaiU4d+w8Ur93DtYjyueI2batHOwnNqGvTcUt5a4rA60afdVol0NiSq1iLaJc4tz+F8ZS4YmWF/dNZ7nEXx65eVMnurFh8lF1FrU8d7DJ5wnSyc7gm1ON1oYV4aqVWNY9keIb2/ljcGtWdwM2XwwnPPqJ7sUE1/LWl1vxyApDgE+mU9+19+VAeATM0XtHDKoNdSfLhtmU85yANW8p4KMyxlrcT3XjYX1V1NtTaZ+8JzNtQYq5p69tskMwnLj5926Ex6L/2Gc86+in5YyV/AWl621R004v6lg9+0eg+wlQK2FxvyiJW4BvZczEeQ0L7cP+y0A43MRht79GnQwoY/dbAR/OGrtPiiw6w+OBwqyKNy0aTX6SJmTnlEGpIBca1ZV3e7VJoAh+w/CgAenVjETBBDz
Content-Type: multipart/alternative; boundary="_000_0F1A0FA5D0574B419841E79B9BA69533mitedu_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR01MB4444.prod.exchangelabs.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 367e3200-61ef-45d4-1b8d-08dbb0ad82be
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Sep 2023 20:52:27.2279 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: QZ/MxJprg9B1vgQYtXfPK+N/7fhnQV7pJ4qWAJsu151h6oq7GKmYhNcuBSapT9wT
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV3PR01MB8486
X-OriginatorOrg: mit.edu
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/5WyyoseWcM0vqPizqUDgqTEaTSQ>
Subject: Re: [GNAP] How to Learn
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Sep 2023 20:52:37 -0000

Hi Josh,

Unfortunately I don’t know of a good tutorial-level resource made for GNAP yet. I gave an in-depth presentation to the OAuth Security Workshop in 2021, which is online and might help:

https://www.youtube.com/watch?v=yC5crY3GF-8

However, it doesn’t get into the depth of “how to build it”, and some of the syntax and components of the protocol used in the examples there have change since the video was made. Still, the general concepts largely remain, and this might be a helpful resource, and hopefully some folks in the community can suggest other resources as well.

 — Justin

On Sep 8, 2023, at 4:14 PM, Josh Fischer <josh@joshfischer.io> wrote:

I'm looking through the most recent draft (15) published on June 26, 2023, and I've noticed there is a ton to learn about the entire protocol.  I'm looking to build a minimal open-source implementation of GNAP to understand it more and how it differs from OAuth.  I thought about working through either a redirect-based or user-code interaction listed in sections 1.6.2 or 1.6.3.

This is how I ended up learning OAuth, but it was quite tedious.  Does anyone have a recommendation for learning GNAP in a better way other than going through the details of the sections I listed above?

** I have seen the open-source examples in the document, thank you for providing them. But I need to build it myself to deeply understand it.

Thanks!

- Josh


--
TXAuth mailing list
TXAuth@ietf.org
https://www.ietf.org/mailman/listinfo/txauth

v2.23.0 | Report a Bug | By Email