Re: [Txauth] Txauth Digest, Vol 9, Issue 44

Yaron Sheffer <yaronf.ietf@gmail.com> Wed, 20 May 2020 11:54 UTC

Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C69C53A0891 for <txauth@ietfa.amsl.com>; Wed, 20 May 2020 04:54:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uy-nGCDbZDHW for <txauth@ietfa.amsl.com>; Wed, 20 May 2020 04:54:39 -0700 (PDT)
Received: from mail-wr1-x42c.google.com (mail-wr1-x42c.google.com [IPv6:2a00:1450:4864:20::42c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7D22C3A0900 for <txauth@ietf.org>; Wed, 20 May 2020 04:54:38 -0700 (PDT)
Received: by mail-wr1-x42c.google.com with SMTP id h17so2820319wrc.8 for <txauth@ietf.org>; Wed, 20 May 2020 04:54:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=user-agent:date:subject:from:to:message-id:thread-topic:references :in-reply-to:mime-version; bh=A/tWHeu4hJ4aPg+GXn5D6e1cjQ9iRW0iu5bgRA6eNBY=; b=qqs+cOlZViHPgjlycUZMVk3nIKlQaPYw4aeWCK6gIkcfTBh7OH7mXHmTCkiUjJuaHA 2DFq39+jvPEk8tYaa1HE7BYEv0XlD/luv2dLaEHmkaWyN+L3i/05JNrOjV9r5BgyIgNE 6t8K0Jc76nPdXVu3N5s9dn5UAn4a8Q+ZWYualsdZ4baViqh5oz8H818NvTfS1NccAs00 eCphq7o1/4Og/DqcgxKW2PvyVBwsjJ69pH30IpmVF9f+f4pu7kP3LiJXnTLb+O3KVPhO 2oQzMq92+1PVITwhbVjF5aaoURLahJ4gY/T0AXNnAnMTK6Jth8CY/TDEFIIiDdXyliqv giiQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:date:subject:from:to:message-id :thread-topic:references:in-reply-to:mime-version; bh=A/tWHeu4hJ4aPg+GXn5D6e1cjQ9iRW0iu5bgRA6eNBY=; b=LhMo8TgoER0NZg3lEtwTcvAGzFtDya7BxYjGAxYkUcFoizQxophHr12AGttyDu19QN 9pirpxa+zNMNKTFcTyEFe31ZvLyF6fHAQGOg4wg9o1U6gm8h0WgMAidFXony2ocWG+zl k8TO9FMTsnBJ4JpxEu9JxFNFvyjKZyxLmBpIJLq9FgkMUWNgtGUqDcR19aS3LTT6R9r0 Pa8TbihCfqnS4LxGS6fIapmDIkj7fUxb3Gq54j/+BtZWQQY6bUlHCkKhYa03K6A4pjY2 Xln89VuwH9jT3YQoc+FLdIF37JJaa+k31RQ7hVCdLw1lxNr4yX8rP7g8WOQq19naatKJ Ae4w==
X-Gm-Message-State: AOAM532IHWxgZLJ5WGbOFfsylsMmLQTvDZhQTtWxt7P+ntqBFBX5brCR 9ONyt2K2QF2h+gS2WQyC9C3Pfcg8nQA=
X-Google-Smtp-Source: ABdhPJyz3ln9yIKggM/q0EthlvLXBAXR1sedUyxeOpsp93Ko49OZ8BboenJePoHyiAt2sQc+hmSDEw==
X-Received: by 2002:adf:d849:: with SMTP id k9mr3835280wrl.304.1589975676923; Wed, 20 May 2020 04:54:36 -0700 (PDT)
Received: from [10.0.0.140] (bzq-79-176-11-75.red.bezeqint.net. [79.176.11.75]) by smtp.gmail.com with ESMTPSA id p65sm2744884wmp.36.2020.05.20.04.54.35 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 20 May 2020 04:54:36 -0700 (PDT)
User-Agent: Microsoft-MacOutlook/16.37.20051002
Date: Wed, 20 May 2020 14:54:35 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
To: Fabien Imbault <fabien.imbault@gmail.com>, <txauth@ietf.org>
Message-ID: <BA043761-B678-49DE-9B98-7AA54458695C@gmail.com>
Thread-Topic: [Txauth] Txauth Digest, Vol 9, Issue 44
References: <mailman.522.1589968635.8861.txauth@ietf.org> <CAM8feuT5jBZwaUJpSBrQ8hRUD7qaRXR3J+baebf-3i3Rzk0VTw@mail.gmail.com>
In-Reply-To: <CAM8feuT5jBZwaUJpSBrQ8hRUD7qaRXR3J+baebf-3i3Rzk0VTw@mail.gmail.com>
Mime-version: 1.0
Content-type: multipart/alternative; boundary="B_3672831275_1844822673"
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/AtttvESTlGskqecL91eKBR7FImA>
Subject: Re: [Txauth] Txauth Digest, Vol 9, Issue 44
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 May 2020 11:54:42 -0000

Hi Fabien,

 

Please see my email from yesterday for method and calendar.

 

https://mailarchive.ietf.org/arch/msg/txauth/sxMA2D3xkluRwJJGWcPOck7HlT8/

 

Thanks,

                Yaron

 

From: Txauth <txauth-bounces@ietf.org> on behalf of Fabien Imbault <fabien.imbault@gmail.com>
Date: Wednesday, May 20, 2020 at 13:38
To: <txauth@ietf.org>
Subject: Re: [Txauth] Txauth Digest, Vol 9, Issue 44

 

Hi, 

 

Well, I guess the issue with the poll illustrates quite clearly why we need authorization in systems.

 

I'm not sure we really need more names right now, the brainstorming produced quite a large set of possibilities (which Nigel evaluated based on some common requirements), from which we need to choose. 

My personal opinion is that we need to keep things simple: find a way to decide on a name and start focusing on the specification itself.

 

Let's see what co-chairs propose in terms of method and calendar. 

 

Fabien

 



---------- Forwarded message ----------
From: Nigel Hamilton <nige@123.do>
To: txauth@ietf.org
Cc: 
Bcc: 
Date: Wed, 20 May 2020 06:20:40 +0100
Subject: [Txauth] Name Game (contd)

Hi,

 

It's a bit disappointing that the voting went awry. It's normal to go through a few iterations however.

 

I personally like WRAC - as it is distinctive and the expanded acronym helps to explain what it does. I just want to flag up, however, that there are some potential trademark problems with it. If it had been submitted prior to the first poll - it would have appeared in the lower list and not made the first voting round. 

 

Cheers

 

Nige

 




---------- Forwarded message ----------
From: David Skaife <blue.ringed.octopus.guy@gmail.com>
To: Yaron Sheffer <yaronf.ietf@gmail.com>
Cc: "txauth@ietf.org" <txauth@ietf.org>
Bcc: 
Date: Wed, 20 May 2020 10:50:19 +0100
Subject: Re: [Txauth] Call for WG name preferences

Hi Yaron,

 

I think overall the proposed approach is sensible, however, I'm not sure it's a good idea to allow new names to be suggested at the same time as when people are stating which names they would and wouldn't object to. It's going to get very chaotic if new names are being suggested at the same time as this consensus check. Also, what happens if someone suggests a new name a few hours before the deadline giving very little time for people to confirm whether they object to it or not?


Would it not be more sensible to draw a line under new name suggestions before we then state our preferences?


Many thanks,

David Skaife

 

On Tue, May 19, 2020 at 9:34 PM Yaron Sheffer <yaronf.ietf@gmail.com> wrote:

Hi!

After reviewing the community feedback and discussions with the AD, we’d like to again launch a process to elicit feedback on naming.  Our proposal is below.  We’d appreciate any clarifying questions, proposed improvements or objections by 0800 UTC, Thursday, May 21st .

Thanks,
        Yaron and Dick  

PS, I’m sharing the load with Dick and taking point on this consensus call -- Yaron

----

Before we submit the draft charter [1] to the IESG, we wanted to explore the name of the group. During the chartering discussions, some people objected to the BoF name being the WG name.  We’d like to get consensus on what the WG name should be.  Our first attempt to elicit input [2] wasn’t successful, and this is a second attempt to get consensus from the community.

To get to consensus, we want to gather preferences on the currently known WG name candidates. Our goal is not to select the most popular name -- it is to select a name everyone can live with and ensure that we understand and weigh any objections there might be with that choice.  To that end, we’d like to elicit your name preferences in the following way:

 (1) In previous discussions, the following candidate names have been voiced (we have listed only these names that received at least one vote previously):

* AAuthZ    Alternative Authorization Protocol (AAuthZ)
* AZARP    AuthoriZed Access to Resources Protocol
* AZARAP    AuthoriZation And Resource Access Protocol
* BeBAuthZ    Back-end Based Authorization Protocol
* BYOAuthZ    Build-Your-Own Authorization Protocol
* CPAAP    Comprehensive Privileged Authentication Authorization Protocol
* DAZARAP    Delegated AuthoriZation And Resource Access Protocol
* DIYAuthZ    Do-It-Yourself Authorization Protocol
* GNAP    Grant Negotiation and Authorization Protocol
* GranPro    GRAnt Negotiation Protocol
* IDPAuthZ    Intent Driven Protocol for Authorization
* NIRAD    Negotiation of Intent Registration and Authority Delegation
* PAuthZ    Protocol for Authorization
* RefAuthZ    Refactored Authorization Protocol
* ReAuthZ    Reimagined Authorization Protocol
* TIAAP    Tokenized Identity and Access Protocol
* TIDEAuth    Trust via Intent Driven Extension Auth
* TIDYAuth    Trust via Intent Driven Yield Auth
* TIEAuth    Trust via Intent Extension Auth
* TINOA   This Is Not OAuth
* TXAuth    Testable eXtensible Authorization
* TxAuth      Transmission of Authority
* TXAuth      Truly eXtensible Authorization
* XAuthZ    eXtensible authoriZation protocol

We would ask that you consider these names, and respond to the list with your selection of the following two categories:

* “Wouldn’t Object” -- this is not necessarily your preferred name, but you would be comfortable with it being the name of the WG (choose as many names as you want)
* “Object” -- you would be uncomfortable with the WG being named in this way (choose as many names as you want; please provide an explanation)

(2) If your preferred name isn’t in the list per (1), you can send a note to the mailing list stating that you’d like the WG to consider a new name.  Please ensure the name adheres to the previously discussed naming criteria at [3]. We still request that you provide your other preferences and objections.

(3) If you previously sent in your preferences, but a new name suggestion or someone’s objection changed your mind, then send another message to the mailing list with your revised preferences.  For the purposes of consensus, we’ll assume that everyone who hasn’t commented on a new name introduced per (2) “objects” to it (i.e., we want to hear positive confirmation of preference on new names).

(4) Please provide your input by 0800 UTC June 4, 2020.

With that input, our plan is to assess rough consensus in the following way:

(a) See if there is consensus for a name identified given the “wouldn’t object to being the WG name” preference and the level of “would object” feedback

(b) If there isn’t clear consensus with (a), but a significantly reduced set of candidates around which there is enthusiasm, the chairs will share the results and request feedback

(c) If rough consensus appears to be reached through steps (a) – (b), revisit the objections to this candidate name, elicit additional objections and see if they change the consensus.

Regards,
        Yaron and Dick

[1] https://datatracker.ietf.org/doc/charter-ietf-txauth/
[2] https://mailarchive.ietf.org/arch/msg/txauth/GnTUvD191MGMF63Oe3VTqkYi0Wg/
[3] https://mailarchive.ietf.org/arch/msg/txauth/lAe06IW4nihUzyTkWVDcq8rnUa8/


-- 
Txauth mailing list
Txauth@ietf.org
https://www.ietf.org/mailman/listinfo/txauth




---------- Forwarded message ----------
From: Yaron Sheffer <yaronf.ietf@gmail.com>
To: David Skaife <blue.ringed.octopus.guy@gmail.com>
Cc: "txauth@ietf.org" <txauth@ietf.org>
Bcc: 
Date: Wed, 20 May 2020 12:57:07 +0300
Subject: Re: [Txauth] Call for WG name preferences

Maybe, but the proposal makes it clear that the default for new names is that we consider everyone to “object” to them unless explicitly told otherwise. So people will understand that the only way for a name to have a chance is to propose it early in the game. 

 

Thanks,

                Yaron

 

From: David Skaife <blue.ringed.octopus.guy@gmail.com>
Date: Wednesday, May 20, 2020 at 12:50
To: Yaron Sheffer <yaronf.ietf@gmail.com>
Cc: "txauth@ietf.org" <txauth@ietf.org>
Subject: Re: [Txauth] Call for WG name preferences

 

Hi Yaron,

 

I think overall the proposed approach is sensible, however, I'm not sure it's a good idea to allow new names to be suggested at the same time as when people are stating which names they would and wouldn't object to. It's going to get very chaotic if new names are being suggested at the same time as this consensus check. Also, what happens if someone suggests a new name a few hours before the deadline giving very little time for people to confirm whether they object to it or not?


Would it not be more sensible to draw a line under new name suggestions before we then state our preferences?


Many thanks,

David Skaife

 

On Tue, May 19, 2020 at 9:34 PM Yaron Sheffer <yaronf.ietf@gmail.com> wrote:

Hi!

After reviewing the community feedback and discussions with the AD, we’d like to again launch a process to elicit feedback on naming.  Our proposal is below.  We’d appreciate any clarifying questions, proposed improvements or objections by 0800 UTC, Thursday, May 21st .

Thanks,
        Yaron and Dick  

PS, I’m sharing the load with Dick and taking point on this consensus call -- Yaron

----

Before we submit the draft charter [1] to the IESG, we wanted to explore the name of the group. During the chartering discussions, some people objected to the BoF name being the WG name.  We’d like to get consensus on what the WG name should be.  Our first attempt to elicit input [2] wasn’t successful, and this is a second attempt to get consensus from the community.

To get to consensus, we want to gather preferences on the currently known WG name candidates. Our goal is not to select the most popular name -- it is to select a name everyone can live with and ensure that we understand and weigh any objections there might be with that choice.  To that end, we’d like to elicit your name preferences in the following way:

 (1) In previous discussions, the following candidate names have been voiced (we have listed only these names that received at least one vote previously):

* AAuthZ    Alternative Authorization Protocol (AAuthZ)
* AZARP    AuthoriZed Access to Resources Protocol
* AZARAP    AuthoriZation And Resource Access Protocol
* BeBAuthZ    Back-end Based Authorization Protocol
* BYOAuthZ    Build-Your-Own Authorization Protocol
* CPAAP    Comprehensive Privileged Authentication Authorization Protocol
* DAZARAP    Delegated AuthoriZation And Resource Access Protocol
* DIYAuthZ    Do-It-Yourself Authorization Protocol
* GNAP    Grant Negotiation and Authorization Protocol
* GranPro    GRAnt Negotiation Protocol
* IDPAuthZ    Intent Driven Protocol for Authorization
* NIRAD    Negotiation of Intent Registration and Authority Delegation
* PAuthZ    Protocol for Authorization
* RefAuthZ    Refactored Authorization Protocol
* ReAuthZ    Reimagined Authorization Protocol
* TIAAP    Tokenized Identity and Access Protocol
* TIDEAuth    Trust via Intent Driven Extension Auth
* TIDYAuth    Trust via Intent Driven Yield Auth
* TIEAuth    Trust via Intent Extension Auth
* TINOA   This Is Not OAuth
* TXAuth    Testable eXtensible Authorization
* TxAuth      Transmission of Authority
* TXAuth      Truly eXtensible Authorization
* XAuthZ    eXtensible authoriZation protocol

We would ask that you consider these names, and respond to the list with your selection of the following two categories:

* “Wouldn’t Object” -- this is not necessarily your preferred name, but you would be comfortable with it being the name of the WG (choose as many names as you want)
* “Object” -- you would be uncomfortable with the WG being named in this way (choose as many names as you want; please provide an explanation)

(2) If your preferred name isn’t in the list per (1), you can send a note to the mailing list stating that you’d like the WG to consider a new name.  Please ensure the name adheres to the previously discussed naming criteria at [3]. We still request that you provide your other preferences and objections.

(3) If you previously sent in your preferences, but a new name suggestion or someone’s objection changed your mind, then send another message to the mailing list with your revised preferences.  For the purposes of consensus, we’ll assume that everyone who hasn’t commented on a new name introduced per (2) “objects” to it (i.e., we want to hear positive confirmation of preference on new names).

(4) Please provide your input by 0800 UTC June 4, 2020.

With that input, our plan is to assess rough consensus in the following way:

(a) See if there is consensus for a name identified given the “wouldn’t object to being the WG name” preference and the level of “would object” feedback

(b) If there isn’t clear consensus with (a), but a significantly reduced set of candidates around which there is enthusiasm, the chairs will share the results and request feedback

(c) If rough consensus appears to be reached through steps (a) – (b), revisit the objections to this candidate name, elicit additional objections and see if they change the consensus.

Regards,
        Yaron and Dick

[1] https://datatracker.ietf.org/doc/charter-ietf-txauth/
[2] https://mailarchive.ietf.org/arch/msg/txauth/GnTUvD191MGMF63Oe3VTqkYi0Wg/
[3] https://mailarchive.ietf.org/arch/msg/txauth/lAe06IW4nihUzyTkWVDcq8rnUa8/


-- 
Txauth mailing list
Txauth@ietf.org
https://www.ietf.org/mailman/listinfo/txauth

Txauth mailing list
Txauth@ietf.org
https://www.ietf.org/mailman/listinfo/txauth

-- Txauth mailing list Txauth@ietf.org https://www.ietf.org/mailman/listinfo/txauth