IETF Logo Mail Archive

Re: [Txauth] TxAuth Charter (Take 3.5)

Dick Hardt <dick.hardt@gmail.com> Wed, 29 January 2020 12:32 UTC

Return-Path: <dick.hardt@gmail.com>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 74CE912010F for <txauth@ietfa.amsl.com>; Wed, 29 Jan 2020 04:32:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3woYRSUH7fvc for <txauth@ietfa.amsl.com>; Wed, 29 Jan 2020 04:32:16 -0800 (PST)
Received: from mail-lj1-x22b.google.com (mail-lj1-x22b.google.com [IPv6:2a00:1450:4864:20::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F2D5120108 for <txauth@ietf.org>; Wed, 29 Jan 2020 04:32:16 -0800 (PST)
Received: by mail-lj1-x22b.google.com with SMTP id n18so18232656ljo.7 for <txauth@ietf.org>; Wed, 29 Jan 2020 04:32:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=YB1+0i8xQWp3pscCHzuSwukwaZ4KPs2FdDS1du9eXuk=; b=bzf6/374ORJggGjtWcWRUorWsUYNP97gdkIcdNQp3CXjr06li80yqYKkOqqh9Bo4kJ JHbhIeezF/6se6L0pEvgPbMHlWjY6WgPgmVyZCJGFLzuEoitNuUji9sm4edSSGlEvImO eDKGqy73u1OkaS9QXIrf6GDPWahHP+Z1s17A1hF8valdA1/v8QI2S1w3go+pqx24N1D/ 8OCQITIdCO4OFmbfxEKLdiW/vjYbnoiqItjS9J5bKVIou+RLetzG3U2vRQFkVHRbDztc GftkUHMJbeCwgANIsgDl+JNDUwiUpj4+Spk5Yz8Vd3Z3XLR58DQk+iMlo4QKRRFGXkKF zFmg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=YB1+0i8xQWp3pscCHzuSwukwaZ4KPs2FdDS1du9eXuk=; b=b1vRe//exJR6JSNuJVYwdf0aCP7dmLI5wPyS1JWJUjsyWXI4TLOgRz125PeG0c6fY0 ULVFFYFIk1NQc0FDzAImKO2Nfi3ahaqeYm+HlZrBHNREOaaw26qHSYOlttjIpU1ZrHCZ 3K74Hm3yPdkOKdkuSlIdZf2Os+sCs3bpCA0YRFmrIn+xUFK4lLtrhKg7sy6esALKi1xr nAj2Bq+/Ez2UY+uf82cxc7ePT5qcBqIIPcbX8LQQ5xnOKAL3blitAh+dEl5gn41cHtKW zJaGBYjE4Dz1SSJotANcfehhHg+1weBJzCcNiK6KtwqndBh8/BKMqfNlrA8FNAXDXqd8 AwoQ==
X-Gm-Message-State: APjAAAWOSL3ioC2PB7CVfYGzKvIgvnUbw8BbXD6nfUVb2F15p1hD2755 60L7EeMMHBKbf+1Jrf0LlrV3kYx/jUoBvjRliEI=
X-Google-Smtp-Source: APXvYqxzjkhQ91Lh/62BpxHwvEqwWcFxHex+k+k/KX/FOAdJ9nUK07/jnIYWIxrZLzLLbDS2RcXkMRPpGBcJoshVvHA=
X-Received: by 2002:a2e:84d0:: with SMTP id q16mr16488605ljh.138.1580301134256; Wed, 29 Jan 2020 04:32:14 -0800 (PST)
MIME-Version: 1.0
References: <CAD9ie-topDftG2XOMO0ri0iXQiJGrhH-9-nVndPC238e=EOskg@mail.gmail.com> <7ED74044-CA39-437C-8844-1C16DB3B1EC7@lodderstedt.net>
In-Reply-To: <7ED74044-CA39-437C-8844-1C16DB3B1EC7@lodderstedt.net>
From: Dick Hardt <dick.hardt@gmail.com>
Date: Wed, 29 Jan 2020 04:32:03 -0800
Message-ID: <CAD9ie-tqyp8mbOAD53ThM+g_oacWGtKkw6GoQq3ryTVrh+-KHg@mail.gmail.com>
To: Torsten Lodderstedt <torsten@lodderstedt.net>
Cc: Roman Danyliw <rdd@cert.org>, "txauth@ietf.org" <txauth@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000bedf67059d4687e2"
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/8K9rl1TieD5jc3usJZ-OOJ3WS2o>
Subject: Re: [Txauth] TxAuth Charter (Take 3.5)
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Jan 2020 12:32:18 -0000

Let me know your thoughts after you have read it. :)

On Tue, Jan 28, 2020 at 11:04 PM Torsten Lodderstedt <
torsten@lodderstedt.net> wrote:

>
>
> Am 29.01.2020 um 07:01 schrieb Dick Hardt <dick.hardt@gmail.com>:
>
> 
>
>
> On Tue, Jan 28, 2020 at 9:09 PM Torsten Lodderstedt <
> torsten@lodderstedt.net> wrote:
>
>>
>>
>> > Am 29.01.2020 um 02:13 schrieb Dick Hardt <dick.hardt@gmail.com>:
>> >
>> > All identity claim use cases. A set of these are solved by OpenID
>> Connect, which is an extension to OAuth 2.0. TxAuth would also be a
>> superset of OpenID Connect in addition to OAuth.
>>
>> Don’t you think this would make TxAuth a bit complicated? What would be
>> the benefit?
>
>
> Not any more than today, as many consumer IdPs have both in the same
> flows, and that is what is in the proposed charter.
>
> Having the information all in one document would make it simpler to
> implement and understand.
>
>
> I doubt. If i calculate the size of all relevant oauth specs + all
> relevant openid connect specs (including verified claims), that will most
> likely be a multi 100 pages spec that few people will fully understand and
> be able to review/contribute to and fully & correctly implement.
>
> Modularity and extensibility is key to success of this initiative.
>
> Did you have chance to look at XAuth Torsten?
>
>
> Not in detail.
>
>
> --
> Txauth mailing list
> Txauth@ietf.org
> https://www.ietf.org/mailman/listinfo/txauth
>
>

v2.23.0 | Report a Bug | By Email