IETF Logo Mail Archive

Re: [GNAP] client definition

Justin Richer <jricher@mit.edu> Mon, 14 December 2020 14:55 UTC

Return-Path: <jricher@mit.edu>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D65253A11DB for <txauth@ietfa.amsl.com>; Mon, 14 Dec 2020 06:55:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.006
X-Spam-Level:
X-Spam-Status: No, score=0.006 tagged_above=-999 required=5 tests=[HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GeLnNczapzlR for <txauth@ietfa.amsl.com>; Mon, 14 Dec 2020 06:55:52 -0800 (PST)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8CB2F3A11E4 for <txauth@ietf.org>; Mon, 14 Dec 2020 06:55:29 -0800 (PST)
Received: from [192.168.1.19] (static-71-174-62-56.bstnma.fios.verizon.net [71.174.62.56]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 0BEEtQB6017644 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 14 Dec 2020 09:55:27 -0500
From: Justin Richer <jricher@mit.edu>
Message-Id: <999837CF-DF6F-4189-A5B1-716F0588D13A@mit.edu>
Content-Type: multipart/alternative; boundary="Apple-Mail=_A1ABFAD2-266E-4B45-BC67-191F65796019"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\))
Date: Mon, 14 Dec 2020 09:55:26 -0500
In-Reply-To: <CAM8feuTVCyQEQ-YBD4O6V8YR+ZGNt8t8rFfS_i6L0ZdNt+AUGQ@mail.gmail.com>
Cc: Tom Jones <thomasclinganjones@gmail.com>, txauth gnap <txauth@ietf.org>
To: Fabien Imbault <fabien.imbault@gmail.com>
References: <CAK2Cwb6f1TVraaAJh9bLkkRDVeooVFJExYsZizkGy61dXRERWA@mail.gmail.com> <CAM8feuSqxrHhVs9OWsciepRSv-TGcYA+hKka243+igA6+=O-2w@mail.gmail.com> <CAK2Cwb7U4My_L4uJP_CCBUjRjLjKAd8H0AjRGnC7G6cv+CNCZQ@mail.gmail.com> <CAM8feuReupd4i7XPM=6i-OuS+mAq+-2mMfv7aBJjzSXAh1U2mg@mail.gmail.com> <CAM8feuTVCyQEQ-YBD4O6V8YR+ZGNt8t8rFfS_i6L0ZdNt+AUGQ@mail.gmail.com>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/6-57sP-nM_jnXmtr6gncpssbJRc>
Subject: Re: [GNAP] client definition
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Dec 2020 14:55:54 -0000

I think it’s helpful for the definition to go in this direction. 

I do want to push back on it being use case specific though — we are in fact trying to capture these roles more generally by framing them with the relationships between the roles as the primary driver. The negotiation with the AS (as a role) starts with an HTTP request, but from there the protocol is designed to allow branching off to lots of different models if the client supports it. The AS as a role could be fulfilled by several distributed entities, including items running on the user’s device. There are a lot of things that can be supported from that model, and it’s my belief that the self-issued model you’re talking about can layer onto this. 

 — Justin

> On Dec 14, 2020, at 4:56 AM, Fabien Imbault <fabien.imbault@gmail.com> wrote:
> 
> I feel that putting user or end-user into the definition might do more harm than good. 
> 
> my suggestion: 
> 
> application that consumes resources from one or several RSs, possibly requiring a negotiation of access privileges with one or several ASs.
> 
> On Mon, Dec 14, 2020 at 9:02 AM Fabien Imbault <fabien.imbault@gmail.com <mailto:fabien.imbault@gmail.com>> wrote:
> Ok, thanks for the clarification. 
> I'll try to think of a new definition with that in mind.
> 
> On Sun, Dec 13, 2020 at 11:24 PM Tom Jones <thomasclinganjones@gmail.com <mailto:thomasclinganjones@gmail.com>> wrote:
> It could be the RO or a guardian for the RO so user is the right term.
> Peace ..tom
> 
> 
> On Sun, Dec 13, 2020 at 10:42 AM Fabien Imbault <fabien.imbault@gmail.com <mailto:fabien.imbault@gmail.com>> wrote:
> Hi, 
> 
> Thanks for the feedback. Highly use case specific seems a bit of an overstatement, I would say it is the most common case. But I get your point.
> We've tried to be more specific on end-user vs RO. In your proposal I guess the user you're referring to is the RO. 
> 
> I find the suggested definition a bit convoluted, let's think about it a bit more. 
> 
> Cheers
> Fabien
> 
> 
> On Sun, Dec 13, 2020 at 7:04 PM Tom Jones <thomasclinganjones@gmail.com <mailto:thomasclinganjones@gmail.com>> wrote:
> This definition is highly use case specific. It leaves out the possibility of (eg) a self-issued identifier where the RP displays a request to the user on a web page, the user clicks the button and the result is that a wallet on the user's device acting as the AS sends an access token to the RP (which is typically the client in an OAUTH sense.) The underlined part is often incorrect.
> 
> Client
> 
> Definition: application used by an end-user to interact with an AS or a RS
> suggestion: Client, an application that desires to get access privileges from a user to resources on an RS, possibly by way of an AS.
> 
> Peace ..tom
> -- 
> TXAuth mailing list
> TXAuth@ietf.org <mailto:TXAuth@ietf.org>
> https://www.ietf.org/mailman/listinfo/txauth <https://www.ietf.org/mailman/listinfo/txauth>
> -- 
> TXAuth mailing list
> TXAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/txauth

v2.23.0 | Report a Bug | By Email