Re: [Txauth] Txauth Digest, Vol 9, Issue 46
Yaron Sheffer <yaronf.ietf@gmail.com> Wed, 20 May 2020 14:01 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7ABE93A0A02 for <txauth@ietfa.amsl.com>; Wed, 20 May 2020 07:01:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VaAdA76URw6w for <txauth@ietfa.amsl.com>; Wed, 20 May 2020 07:01:29 -0700 (PDT)
Received: from mail-wr1-x430.google.com (mail-wr1-x430.google.com [IPv6:2a00:1450:4864:20::430]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9A7503A09FF for <txauth@ietf.org>; Wed, 20 May 2020 07:01:28 -0700 (PDT)
Received: by mail-wr1-x430.google.com with SMTP id e1so3271715wrt.5 for <txauth@ietf.org>; Wed, 20 May 2020 07:01:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=user-agent:date:subject:from:to:message-id:thread-topic:references :in-reply-to:mime-version; bh=RkElWqkNVPSmeU18tVwnNlH5PRnT6t2p1dli3vJpjxY=; b=eEwuhumFUTiTkC2DdIImFQVRNA62VWKfBTOWyFBcEuF8d6XyNsb78YWJ9huV1v8lL8 wyxS8kALlI20/QW2D41luaSGSQIZC8bRp4qu3v4BnGg1K0IKhzeCYd2Trs/4xzAN4IiH hnVw5air2YldtaO6z0ZLfY2Vh1YOv/s0BU5BO5ohoj+OXo8/hfGTIL0FEyEPK7xWFVho Vg7yZ/gkN2dJoF+0Dg/Ss7V3loUdZ4b6sPxlecq2JwW6z4Vu1DN3Qc/kRNAH+2WAk22m aKUw1s3fQYeOCN9BTuiUzXqbMQh1CJwHQmXp74RIrmZv2m968HlAGn0bt87APOugJcS9 al3A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:date:subject:from:to:message-id :thread-topic:references:in-reply-to:mime-version; bh=RkElWqkNVPSmeU18tVwnNlH5PRnT6t2p1dli3vJpjxY=; b=b36bERE+iaYV3qakbMDexKnl6BFWwsmgpnG/2mBYgPHO2kCwZem1ahc3yQ0kWOMeEL ed/+7chKn6Rxh/PhjRmgUnP5HMFob02pND0ZcV6fs8FXlcMBcYQYjn9chSa/gXpBBR8T 3Att8sCdkx1zbaNo1AiR3+D7zHp/CyFSme5s5gyW8kCPuxbhFvWgv8STfEF2WC2YtRME y0jWWbfmqmqla/J79iAnbprjIe5jELPOClb/tgmyFPutJYhOPktMVXHlSHAS7F9dNRtY gQTp0vEJYh/lcdg/6m9J2gLiKuCx/0BjPayzYHKVns3qH11uqKXua2s8sGysRXJRFdEs R0Ew==
X-Gm-Message-State: AOAM532QeYpaEaZhbeg3Bd+tpT6MFp+XFsd7EHvbYUbH+BDFVVDMwswN HRXDXoUkg7zCbO46YwFZw5v8rZf0keI=
X-Google-Smtp-Source: ABdhPJzck8aWMCaIkYiLQU9/j4WCuN5558uSU8lra3+O7emWceCdvOoirU0o+IrxujSVPg94lGe+Hw==
X-Received: by 2002:a05:6000:10d:: with SMTP id o13mr2768725wrx.328.1589983286791; Wed, 20 May 2020 07:01:26 -0700 (PDT)
Received: from [10.0.0.140] (bzq-79-176-11-75.red.bezeqint.net. [79.176.11.75]) by smtp.gmail.com with ESMTPSA id v126sm3630830wma.9.2020.05.20.07.01.24 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 20 May 2020 07:01:26 -0700 (PDT)
User-Agent: Microsoft-MacOutlook/16.37.20051002
Date: Wed, 20 May 2020 17:01:24 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
To: Fabien Imbault <fabien.imbault@gmail.com>, txauth@ietf.org
Message-ID: <81F9BC0B-55C1-4439-980A-5729B14274B8@gmail.com>
Thread-Topic: [Txauth] Txauth Digest, Vol 9, Issue 46
References: <mailman.532.1589975683.8861.txauth@ietf.org> <CAM8feuQzVjd2pii=e1Vxp0uHVsRVbuS+cJn_3ML8n-XLROKCNw@mail.gmail.com>
In-Reply-To: <CAM8feuQzVjd2pii=e1Vxp0uHVsRVbuS+cJn_3ML8n-XLROKCNw@mail.gmail.com>
Mime-version: 1.0
Content-type: multipart/alternative; boundary="B_3672838884_2045304624"
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/6ZbtbtRt8mELnrqie7wsV71y0kM>
Subject: Re: [Txauth] Txauth Digest, Vol 9, Issue 46
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 May 2020 14:01:33 -0000
Hi Fabien, Thank you for the detailed response. I’m struggling though with those where you “don’t have a strong opinion”. Should we count them as “wouldn’t object” or are they really “object” and you don’t have a good explanation – which is totally fine. Regards, Yaron From: Txauth <txauth-bounces@ietf.org> on behalf of Fabien Imbault <fabien.imbault@gmail.com> Date: Wednesday, May 20, 2020 at 15:26 To: <txauth@ietf.org> Subject: Re: [Txauth] Txauth Digest, Vol 9, Issue 46 Thanks Yaron, sorry I had missed that. That's great. So here I go, of course that's a personal view and explanations should be taken as constructive criticisms. Wouldn’t Object: * TxAuth Transmission of Authority -> seems good to me, even if Tx still makes me think more of transaction. The easiest to remember for me. * XAuthZ eXtensible authoriZation protocol -> I like that AuthZ makes the scope clearer. Maybe a bit hard to pronounce and may look very nerdy to the average user (but I think it's still ok). * GranPro GRAnt Negotiation Protocol -> seems pretty clear Object: * TXAuth Testable eXtensible Authorization (doesn't seem production ready) * TXAuth Truly eXtensible Authorization (don't know what would be a not truly extensible auth) * RefAuthZ Refactored Authorization Protocol (same idea, refactored compared to what) * ReAuthZ Reimagined Authorization Protocol (same idea) * AAuthZ Alternative Authorization Protocol (same idea) * PAuthZ Protocol for Authorization (too broad) * TINOA This Is Not OAuth (so what?) * DIYAuthZ Do-It-Yourself Authorization Protocol (people don't want DIY auth I think, they want secure stuff) * IDPAuthZ Intent Driven Protocol for Authorization (too close to IDentity Provider) For the rest, I don't have strong opinions, it's just that they don't resonate well to me, and I struggle to remember them. Fabien ---------- Forwarded message ---------- From: Yaron Sheffer <yaronf.ietf@gmail.com> To: Fabien Imbault <fabien.imbault@gmail.com>, <txauth@ietf.org> Cc: Bcc: Date: Wed, 20 May 2020 14:54:35 +0300 Subject: Re: [Txauth] Txauth Digest, Vol 9, Issue 44 Hi Fabien, Please see my email from yesterday for method and calendar. https://mailarchive.ietf.org/arch/msg/txauth/sxMA2D3xkluRwJJGWcPOck7HlT8/ Thanks, Yaron From: Txauth <txauth-bounces@ietf.org> on behalf of Fabien Imbault <fabien.imbault@gmail.com> Date: Wednesday, May 20, 2020 at 13:38 To: <txauth@ietf.org> Subject: Re: [Txauth] Txauth Digest, Vol 9, Issue 44 Hi, Well, I guess the issue with the poll illustrates quite clearly why we need authorization in systems. I'm not sure we really need more names right now, the brainstorming produced quite a large set of possibilities (which Nigel evaluated based on some common requirements), from which we need to choose. My personal opinion is that we need to keep things simple: find a way to decide on a name and start focusing on the specification itself. Let's see what co-chairs propose in terms of method and calendar. Fabien ---------- Forwarded message ---------- From: Nigel Hamilton <nige@123.do> To: txauth@ietf.org Cc: Bcc: Date: Wed, 20 May 2020 06:20:40 +0100 Subject: [Txauth] Name Game (contd) Hi, It's a bit disappointing that the voting went awry. It's normal to go through a few iterations however. I personally like WRAC - as it is distinctive and the expanded acronym helps to explain what it does. I just want to flag up, however, that there are some potential trademark problems with it. If it had been submitted prior to the first poll - it would have appeared in the lower list and not made the first voting round. Cheers Nige ---------- Forwarded message ---------- From: David Skaife <blue.ringed.octopus.guy@gmail.com> To: Yaron Sheffer <yaronf.ietf@gmail.com> Cc: "txauth@ietf.org" <txauth@ietf.org> Bcc: Date: Wed, 20 May 2020 10:50:19 +0100 Subject: Re: [Txauth] Call for WG name preferences Hi Yaron, I think overall the proposed approach is sensible, however, I'm not sure it's a good idea to allow new names to be suggested at the same time as when people are stating which names they would and wouldn't object to. It's going to get very chaotic if new names are being suggested at the same time as this consensus check. Also, what happens if someone suggests a new name a few hours before the deadline giving very little time for people to confirm whether they object to it or not? Would it not be more sensible to draw a line under new name suggestions before we then state our preferences? Many thanks, David Skaife On Tue, May 19, 2020 at 9:34 PM Yaron Sheffer <yaronf.ietf@gmail.com> wrote: Hi! After reviewing the community feedback and discussions with the AD, we’d like to again launch a process to elicit feedback on naming. Our proposal is below. We’d appreciate any clarifying questions, proposed improvements or objections by 0800 UTC, Thursday, May 21st . Thanks, Yaron and Dick PS, I’m sharing the load with Dick and taking point on this consensus call -- Yaron ---- Before we submit the draft charter [1] to the IESG, we wanted to explore the name of the group. During the chartering discussions, some people objected to the BoF name being the WG name. We’d like to get consensus on what the WG name should be. Our first attempt to elicit input [2] wasn’t successful, and this is a second attempt to get consensus from the community. To get to consensus, we want to gather preferences on the currently known WG name candidates. Our goal is not to select the most popular name -- it is to select a name everyone can live with and ensure that we understand and weigh any objections there might be with that choice. To that end, we’d like to elicit your name preferences in the following way: (1) In previous discussions, the following candidate names have been voiced (we have listed only these names that received at least one vote previously): * AAuthZ Alternative Authorization Protocol (AAuthZ) * AZARP AuthoriZed Access to Resources Protocol * AZARAP AuthoriZation And Resource Access Protocol * BeBAuthZ Back-end Based Authorization Protocol * BYOAuthZ Build-Your-Own Authorization Protocol * CPAAP Comprehensive Privileged Authentication Authorization Protocol * DAZARAP Delegated AuthoriZation And Resource Access Protocol * DIYAuthZ Do-It-Yourself Authorization Protocol * GNAP Grant Negotiation and Authorization Protocol * GranPro GRAnt Negotiation Protocol * IDPAuthZ Intent Driven Protocol for Authorization * NIRAD Negotiation of Intent Registration and Authority Delegation * PAuthZ Protocol for Authorization * RefAuthZ Refactored Authorization Protocol * ReAuthZ Reimagined Authorization Protocol * TIAAP Tokenized Identity and Access Protocol * TIDEAuth Trust via Intent Driven Extension Auth * TIDYAuth Trust via Intent Driven Yield Auth * TIEAuth Trust via Intent Extension Auth * TINOA This Is Not OAuth * TXAuth Testable eXtensible Authorization * TxAuth Transmission of Authority * TXAuth Truly eXtensible Authorization * XAuthZ eXtensible authoriZation protocol We would ask that you consider these names, and respond to the list with your selection of the following two categories: * “Wouldn’t Object” -- this is not necessarily your preferred name, but you would be comfortable with it being the name of the WG (choose as many names as you want) * “Object” -- you would be uncomfortable with the WG being named in this way (choose as many names as you want; please provide an explanation) (2) If your preferred name isn’t in the list per (1), you can send a note to the mailing list stating that you’d like the WG to consider a new name. Please ensure the name adheres to the previously discussed naming criteria at [3]. We still request that you provide your other preferences and objections. (3) If you previously sent in your preferences, but a new name suggestion or someone’s objection changed your mind, then send another message to the mailing list with your revised preferences. For the purposes of consensus, we’ll assume that everyone who hasn’t commented on a new name introduced per (2) “objects” to it (i.e., we want to hear positive confirmation of preference on new names). (4) Please provide your input by 0800 UTC June 4, 2020. With that input, our plan is to assess rough consensus in the following way: (a) See if there is consensus for a name identified given the “wouldn’t object to being the WG name” preference and the level of “would object” feedback (b) If there isn’t clear consensus with (a), but a significantly reduced set of candidates around which there is enthusiasm, the chairs will share the results and request feedback (c) If rough consensus appears to be reached through steps (a) – (b), revisit the objections to this candidate name, elicit additional objections and see if they change the consensus. Regards, Yaron and Dick [1] https://datatracker.ietf.org/doc/charter-ietf-txauth/ [2] https://mailarchive.ietf.org/arch/msg/txauth/GnTUvD191MGMF63Oe3VTqkYi0Wg/ [3] https://mailarchive.ietf.org/arch/msg/txauth/lAe06IW4nihUzyTkWVDcq8rnUa8/ -- Txauth mailing list Txauth@ietf.org https://www.ietf.org/mailman/listinfo/txauth ---------- Forwarded message ---------- From: Yaron Sheffer <yaronf.ietf@gmail.com> To: David Skaife <blue.ringed.octopus.guy@gmail.com> Cc: "txauth@ietf.org" <txauth@ietf.org> Bcc: Date: Wed, 20 May 2020 12:57:07 +0300 Subject: Re: [Txauth] Call for WG name preferences Maybe, but the proposal makes it clear that the default for new names is that we consider everyone to “object” to them unless explicitly told otherwise.. So people will understand that the only way for a name to have a chance is to propose it early in the game. Thanks, Yaron From: David Skaife <blue.ringed.octopus.guy@gmail.com> Date: Wednesday, May 20, 2020 at 12:50 To: Yaron Sheffer <yaronf.ietf@gmail.com> Cc: "txauth@ietf.org" <txauth@ietf.org> Subject: Re: [Txauth] Call for WG name preferences Hi Yaron, I think overall the proposed approach is sensible, however, I'm not sure it's a good idea to allow new names to be suggested at the same time as when people are stating which names they would and wouldn't object to. It's going to get very chaotic if new names are being suggested at the same time as this consensus check. Also, what happens if someone suggests a new name a few hours before the deadline giving very little time for people to confirm whether they object to it or not? Would it not be more sensible to draw a line under new name suggestions before we then state our preferences? Many thanks, David Skaife On Tue, May 19, 2020 at 9:34 PM Yaron Sheffer <yaronf.ietf@gmail.com> wrote: Hi! After reviewing the community feedback and discussions with the AD, we’d like to again launch a process to elicit feedback on naming. Our proposal is below. We’d appreciate any clarifying questions, proposed improvements or objections by 0800 UTC, Thursday, May 21st . Thanks, Yaron and Dick PS, I’m sharing the load with Dick and taking point on this consensus call -- Yaron ---- Before we submit the draft charter [1] to the IESG, we wanted to explore the name of the group. During the chartering discussions, some people objected to the BoF name being the WG name. We’d like to get consensus on what the WG name should be. Our first attempt to elicit input [2] wasn’t successful, and this is a second attempt to get consensus from the community. To get to consensus, we want to gather preferences on the currently known WG name candidates. Our goal is not to select the most popular name -- it is to select a name everyone can live with and ensure that we understand and weigh any objections there might be with that choice. To that end, we’d like to elicit your name preferences in the following way: (1) In previous discussions, the following candidate names have been voiced (we have listed only these names that received at least one vote previously): * AAuthZ Alternative Authorization Protocol (AAuthZ) * AZARP AuthoriZed Access to Resources Protocol * AZARAP AuthoriZation And Resource Access Protocol * BeBAuthZ Back-end Based Authorization Protocol * BYOAuthZ Build-Your-Own Authorization Protocol * CPAAP Comprehensive Privileged Authentication Authorization Protocol * DAZARAP Delegated AuthoriZation And Resource Access Protocol * DIYAuthZ Do-It-Yourself Authorization Protocol * GNAP Grant Negotiation and Authorization Protocol * GranPro GRAnt Negotiation Protocol * IDPAuthZ Intent Driven Protocol for Authorization * NIRAD Negotiation of Intent Registration and Authority Delegation * PAuthZ Protocol for Authorization * RefAuthZ Refactored Authorization Protocol * ReAuthZ Reimagined Authorization Protocol * TIAAP Tokenized Identity and Access Protocol * TIDEAuth Trust via Intent Driven Extension Auth * TIDYAuth Trust via Intent Driven Yield Auth * TIEAuth Trust via Intent Extension Auth * TINOA This Is Not OAuth * TXAuth Testable eXtensible Authorization * TxAuth Transmission of Authority * TXAuth Truly eXtensible Authorization * XAuthZ eXtensible authoriZation protocol We would ask that you consider these names, and respond to the list with your selection of the following two categories: * “Wouldn’t Object” -- this is not necessarily your preferred name, but you would be comfortable with it being the name of the WG (choose as many names as you want) * “Object” -- you would be uncomfortable with the WG being named in this way (choose as many names as you want; please provide an explanation) (2) If your preferred name isn’t in the list per (1), you can send a note to the mailing list stating that you’d like the WG to consider a new name. Please ensure the name adheres to the previously discussed naming criteria at [3]. We still request that you provide your other preferences and objections. (3) If you previously sent in your preferences, but a new name suggestion or someone’s objection changed your mind, then send another message to the mailing list with your revised preferences. For the purposes of consensus, we’ll assume that everyone who hasn’t commented on a new name introduced per (2) “objects” to it (i.e., we want to hear positive confirmation of preference on new names). (4) Please provide your input by 0800 UTC June 4, 2020. With that input, our plan is to assess rough consensus in the following way: (a) See if there is consensus for a name identified given the “wouldn’t object to being the WG name” preference and the level of “would object” feedback (b) If there isn’t clear consensus with (a), but a significantly reduced set of candidates around which there is enthusiasm, the chairs will share the results and request feedback (c) If rough consensus appears to be reached through steps (a) – (b), revisit the objections to this candidate name, elicit additional objections and see if they change the consensus. Regards, Yaron and Dick [1] https://datatracker.ietf.org/doc/charter-ietf-txauth/ [2] https://mailarchive.ietf.org/arch/msg/txauth/GnTUvD191MGMF63Oe3VTqkYi0Wg/ [3] https://mailarchive.ietf.org/arch/msg/txauth/lAe06IW4nihUzyTkWVDcq8rnUa8/ -- Txauth mailing list Txauth@ietf.org https://www.ietf.org/mailman/listinfo/txauth Txauth mailing list Txauth@ietf.org https://www.ietf.org/mailman/listinfo/txauth -- Txauth mailing list Txauth@ietf.org https://www.ietf.org/mailman/listinfo/txauth Txauth mailing list Txauth@ietf.org https://www.ietf.org/mailman/listinfo/txauth -- Txauth mailing list Txauth@ietf.org https://www.ietf.org/mailman/listinfo/txauth
- Re: [Txauth] Txauth Digest, Vol 9, Issue 46 Fabien Imbault
- Re: [Txauth] Txauth Digest, Vol 9, Issue 46 Yaron Sheffer
- Re: [Txauth] Txauth Digest, Vol 9, Issue 46 Justin Richer