Re: [Txauth] Txauth Digest, Vol 9, Issue 44
Yaron Sheffer <yaronf.ietf@gmail.com> Wed, 20 May 2020 11:54 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C69C53A0891 for <txauth@ietfa.amsl.com>; Wed, 20 May 2020 04:54:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uy-nGCDbZDHW for <txauth@ietfa.amsl.com>; Wed, 20 May 2020 04:54:39 -0700 (PDT)
Received: from mail-wr1-x42c.google.com (mail-wr1-x42c.google.com [IPv6:2a00:1450:4864:20::42c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7D22C3A0900 for <txauth@ietf.org>; Wed, 20 May 2020 04:54:38 -0700 (PDT)
Received: by mail-wr1-x42c.google.com with SMTP id h17so2820319wrc.8 for <txauth@ietf.org>; Wed, 20 May 2020 04:54:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=user-agent:date:subject:from:to:message-id:thread-topic:references :in-reply-to:mime-version; bh=A/tWHeu4hJ4aPg+GXn5D6e1cjQ9iRW0iu5bgRA6eNBY=; b=qqs+cOlZViHPgjlycUZMVk3nIKlQaPYw4aeWCK6gIkcfTBh7OH7mXHmTCkiUjJuaHA 2DFq39+jvPEk8tYaa1HE7BYEv0XlD/luv2dLaEHmkaWyN+L3i/05JNrOjV9r5BgyIgNE 6t8K0Jc76nPdXVu3N5s9dn5UAn4a8Q+ZWYualsdZ4baViqh5oz8H818NvTfS1NccAs00 eCphq7o1/4Og/DqcgxKW2PvyVBwsjJ69pH30IpmVF9f+f4pu7kP3LiJXnTLb+O3KVPhO 2oQzMq92+1PVITwhbVjF5aaoURLahJ4gY/T0AXNnAnMTK6Jth8CY/TDEFIIiDdXyliqv giiQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:date:subject:from:to:message-id :thread-topic:references:in-reply-to:mime-version; bh=A/tWHeu4hJ4aPg+GXn5D6e1cjQ9iRW0iu5bgRA6eNBY=; b=LhMo8TgoER0NZg3lEtwTcvAGzFtDya7BxYjGAxYkUcFoizQxophHr12AGttyDu19QN 9pirpxa+zNMNKTFcTyEFe31ZvLyF6fHAQGOg4wg9o1U6gm8h0WgMAidFXony2ocWG+zl k8TO9FMTsnBJ4JpxEu9JxFNFvyjKZyxLmBpIJLq9FgkMUWNgtGUqDcR19aS3LTT6R9r0 Pa8TbihCfqnS4LxGS6fIapmDIkj7fUxb3Gq54j/+BtZWQQY6bUlHCkKhYa03K6A4pjY2 Xln89VuwH9jT3YQoc+FLdIF37JJaa+k31RQ7hVCdLw1lxNr4yX8rP7g8WOQq19naatKJ Ae4w==
X-Gm-Message-State: AOAM532IHWxgZLJ5WGbOFfsylsMmLQTvDZhQTtWxt7P+ntqBFBX5brCR 9ONyt2K2QF2h+gS2WQyC9C3Pfcg8nQA=
X-Google-Smtp-Source: ABdhPJyz3ln9yIKggM/q0EthlvLXBAXR1sedUyxeOpsp93Ko49OZ8BboenJePoHyiAt2sQc+hmSDEw==
X-Received: by 2002:adf:d849:: with SMTP id k9mr3835280wrl.304.1589975676923; Wed, 20 May 2020 04:54:36 -0700 (PDT)
Received: from [10.0.0.140] (bzq-79-176-11-75.red.bezeqint.net. [79.176.11.75]) by smtp.gmail.com with ESMTPSA id p65sm2744884wmp.36.2020.05.20.04.54.35 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 20 May 2020 04:54:36 -0700 (PDT)
User-Agent: Microsoft-MacOutlook/16.37.20051002
Date: Wed, 20 May 2020 14:54:35 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
To: Fabien Imbault <fabien.imbault@gmail.com>, txauth@ietf.org
Message-ID: <BA043761-B678-49DE-9B98-7AA54458695C@gmail.com>
Thread-Topic: [Txauth] Txauth Digest, Vol 9, Issue 44
References: <mailman.522.1589968635.8861.txauth@ietf.org> <CAM8feuT5jBZwaUJpSBrQ8hRUD7qaRXR3J+baebf-3i3Rzk0VTw@mail.gmail.com>
In-Reply-To: <CAM8feuT5jBZwaUJpSBrQ8hRUD7qaRXR3J+baebf-3i3Rzk0VTw@mail.gmail.com>
Mime-version: 1.0
Content-type: multipart/alternative; boundary="B_3672831275_1844822673"
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/AtttvESTlGskqecL91eKBR7FImA>
Subject: Re: [Txauth] Txauth Digest, Vol 9, Issue 44
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 May 2020 11:54:42 -0000
Hi Fabien, Please see my email from yesterday for method and calendar. https://mailarchive.ietf.org/arch/msg/txauth/sxMA2D3xkluRwJJGWcPOck7HlT8/ Thanks, Yaron From: Txauth <txauth-bounces@ietf.org> on behalf of Fabien Imbault <fabien.imbault@gmail.com> Date: Wednesday, May 20, 2020 at 13:38 To: <txauth@ietf.org> Subject: Re: [Txauth] Txauth Digest, Vol 9, Issue 44 Hi, Well, I guess the issue with the poll illustrates quite clearly why we need authorization in systems. I'm not sure we really need more names right now, the brainstorming produced quite a large set of possibilities (which Nigel evaluated based on some common requirements), from which we need to choose. My personal opinion is that we need to keep things simple: find a way to decide on a name and start focusing on the specification itself. Let's see what co-chairs propose in terms of method and calendar. Fabien ---------- Forwarded message ---------- From: Nigel Hamilton <nige@123.do> To: txauth@ietf.org Cc: Bcc: Date: Wed, 20 May 2020 06:20:40 +0100 Subject: [Txauth] Name Game (contd) Hi, It's a bit disappointing that the voting went awry. It's normal to go through a few iterations however. I personally like WRAC - as it is distinctive and the expanded acronym helps to explain what it does. I just want to flag up, however, that there are some potential trademark problems with it. If it had been submitted prior to the first poll - it would have appeared in the lower list and not made the first voting round. Cheers Nige ---------- Forwarded message ---------- From: David Skaife <blue.ringed.octopus.guy@gmail.com> To: Yaron Sheffer <yaronf.ietf@gmail.com> Cc: "txauth@ietf.org" <txauth@ietf.org> Bcc: Date: Wed, 20 May 2020 10:50:19 +0100 Subject: Re: [Txauth] Call for WG name preferences Hi Yaron, I think overall the proposed approach is sensible, however, I'm not sure it's a good idea to allow new names to be suggested at the same time as when people are stating which names they would and wouldn't object to. It's going to get very chaotic if new names are being suggested at the same time as this consensus check. Also, what happens if someone suggests a new name a few hours before the deadline giving very little time for people to confirm whether they object to it or not? Would it not be more sensible to draw a line under new name suggestions before we then state our preferences? Many thanks, David Skaife On Tue, May 19, 2020 at 9:34 PM Yaron Sheffer <yaronf.ietf@gmail.com> wrote: Hi! After reviewing the community feedback and discussions with the AD, we’d like to again launch a process to elicit feedback on naming. Our proposal is below. We’d appreciate any clarifying questions, proposed improvements or objections by 0800 UTC, Thursday, May 21st . Thanks, Yaron and Dick PS, I’m sharing the load with Dick and taking point on this consensus call -- Yaron ---- Before we submit the draft charter [1] to the IESG, we wanted to explore the name of the group. During the chartering discussions, some people objected to the BoF name being the WG name. We’d like to get consensus on what the WG name should be. Our first attempt to elicit input [2] wasn’t successful, and this is a second attempt to get consensus from the community. To get to consensus, we want to gather preferences on the currently known WG name candidates. Our goal is not to select the most popular name -- it is to select a name everyone can live with and ensure that we understand and weigh any objections there might be with that choice. To that end, we’d like to elicit your name preferences in the following way: (1) In previous discussions, the following candidate names have been voiced (we have listed only these names that received at least one vote previously): * AAuthZ Alternative Authorization Protocol (AAuthZ) * AZARP AuthoriZed Access to Resources Protocol * AZARAP AuthoriZation And Resource Access Protocol * BeBAuthZ Back-end Based Authorization Protocol * BYOAuthZ Build-Your-Own Authorization Protocol * CPAAP Comprehensive Privileged Authentication Authorization Protocol * DAZARAP Delegated AuthoriZation And Resource Access Protocol * DIYAuthZ Do-It-Yourself Authorization Protocol * GNAP Grant Negotiation and Authorization Protocol * GranPro GRAnt Negotiation Protocol * IDPAuthZ Intent Driven Protocol for Authorization * NIRAD Negotiation of Intent Registration and Authority Delegation * PAuthZ Protocol for Authorization * RefAuthZ Refactored Authorization Protocol * ReAuthZ Reimagined Authorization Protocol * TIAAP Tokenized Identity and Access Protocol * TIDEAuth Trust via Intent Driven Extension Auth * TIDYAuth Trust via Intent Driven Yield Auth * TIEAuth Trust via Intent Extension Auth * TINOA This Is Not OAuth * TXAuth Testable eXtensible Authorization * TxAuth Transmission of Authority * TXAuth Truly eXtensible Authorization * XAuthZ eXtensible authoriZation protocol We would ask that you consider these names, and respond to the list with your selection of the following two categories: * “Wouldn’t Object” -- this is not necessarily your preferred name, but you would be comfortable with it being the name of the WG (choose as many names as you want) * “Object” -- you would be uncomfortable with the WG being named in this way (choose as many names as you want; please provide an explanation) (2) If your preferred name isn’t in the list per (1), you can send a note to the mailing list stating that you’d like the WG to consider a new name. Please ensure the name adheres to the previously discussed naming criteria at [3]. We still request that you provide your other preferences and objections. (3) If you previously sent in your preferences, but a new name suggestion or someone’s objection changed your mind, then send another message to the mailing list with your revised preferences. For the purposes of consensus, we’ll assume that everyone who hasn’t commented on a new name introduced per (2) “objects” to it (i.e., we want to hear positive confirmation of preference on new names). (4) Please provide your input by 0800 UTC June 4, 2020. With that input, our plan is to assess rough consensus in the following way: (a) See if there is consensus for a name identified given the “wouldn’t object to being the WG name” preference and the level of “would object” feedback (b) If there isn’t clear consensus with (a), but a significantly reduced set of candidates around which there is enthusiasm, the chairs will share the results and request feedback (c) If rough consensus appears to be reached through steps (a) – (b), revisit the objections to this candidate name, elicit additional objections and see if they change the consensus. Regards, Yaron and Dick [1] https://datatracker.ietf.org/doc/charter-ietf-txauth/ [2] https://mailarchive.ietf.org/arch/msg/txauth/GnTUvD191MGMF63Oe3VTqkYi0Wg/ [3] https://mailarchive.ietf.org/arch/msg/txauth/lAe06IW4nihUzyTkWVDcq8rnUa8/ -- Txauth mailing list Txauth@ietf.org https://www.ietf.org/mailman/listinfo/txauth ---------- Forwarded message ---------- From: Yaron Sheffer <yaronf.ietf@gmail.com> To: David Skaife <blue.ringed.octopus.guy@gmail.com> Cc: "txauth@ietf.org" <txauth@ietf.org> Bcc: Date: Wed, 20 May 2020 12:57:07 +0300 Subject: Re: [Txauth] Call for WG name preferences Maybe, but the proposal makes it clear that the default for new names is that we consider everyone to “object” to them unless explicitly told otherwise. So people will understand that the only way for a name to have a chance is to propose it early in the game. Thanks, Yaron From: David Skaife <blue.ringed.octopus.guy@gmail.com> Date: Wednesday, May 20, 2020 at 12:50 To: Yaron Sheffer <yaronf.ietf@gmail.com> Cc: "txauth@ietf.org" <txauth@ietf.org> Subject: Re: [Txauth] Call for WG name preferences Hi Yaron, I think overall the proposed approach is sensible, however, I'm not sure it's a good idea to allow new names to be suggested at the same time as when people are stating which names they would and wouldn't object to. It's going to get very chaotic if new names are being suggested at the same time as this consensus check. Also, what happens if someone suggests a new name a few hours before the deadline giving very little time for people to confirm whether they object to it or not? Would it not be more sensible to draw a line under new name suggestions before we then state our preferences? Many thanks, David Skaife On Tue, May 19, 2020 at 9:34 PM Yaron Sheffer <yaronf.ietf@gmail.com> wrote: Hi! After reviewing the community feedback and discussions with the AD, we’d like to again launch a process to elicit feedback on naming. Our proposal is below. We’d appreciate any clarifying questions, proposed improvements or objections by 0800 UTC, Thursday, May 21st . Thanks, Yaron and Dick PS, I’m sharing the load with Dick and taking point on this consensus call -- Yaron ---- Before we submit the draft charter [1] to the IESG, we wanted to explore the name of the group. During the chartering discussions, some people objected to the BoF name being the WG name. We’d like to get consensus on what the WG name should be. Our first attempt to elicit input [2] wasn’t successful, and this is a second attempt to get consensus from the community. To get to consensus, we want to gather preferences on the currently known WG name candidates. Our goal is not to select the most popular name -- it is to select a name everyone can live with and ensure that we understand and weigh any objections there might be with that choice. To that end, we’d like to elicit your name preferences in the following way: (1) In previous discussions, the following candidate names have been voiced (we have listed only these names that received at least one vote previously): * AAuthZ Alternative Authorization Protocol (AAuthZ) * AZARP AuthoriZed Access to Resources Protocol * AZARAP AuthoriZation And Resource Access Protocol * BeBAuthZ Back-end Based Authorization Protocol * BYOAuthZ Build-Your-Own Authorization Protocol * CPAAP Comprehensive Privileged Authentication Authorization Protocol * DAZARAP Delegated AuthoriZation And Resource Access Protocol * DIYAuthZ Do-It-Yourself Authorization Protocol * GNAP Grant Negotiation and Authorization Protocol * GranPro GRAnt Negotiation Protocol * IDPAuthZ Intent Driven Protocol for Authorization * NIRAD Negotiation of Intent Registration and Authority Delegation * PAuthZ Protocol for Authorization * RefAuthZ Refactored Authorization Protocol * ReAuthZ Reimagined Authorization Protocol * TIAAP Tokenized Identity and Access Protocol * TIDEAuth Trust via Intent Driven Extension Auth * TIDYAuth Trust via Intent Driven Yield Auth * TIEAuth Trust via Intent Extension Auth * TINOA This Is Not OAuth * TXAuth Testable eXtensible Authorization * TxAuth Transmission of Authority * TXAuth Truly eXtensible Authorization * XAuthZ eXtensible authoriZation protocol We would ask that you consider these names, and respond to the list with your selection of the following two categories: * “Wouldn’t Object” -- this is not necessarily your preferred name, but you would be comfortable with it being the name of the WG (choose as many names as you want) * “Object” -- you would be uncomfortable with the WG being named in this way (choose as many names as you want; please provide an explanation) (2) If your preferred name isn’t in the list per (1), you can send a note to the mailing list stating that you’d like the WG to consider a new name. Please ensure the name adheres to the previously discussed naming criteria at [3]. We still request that you provide your other preferences and objections. (3) If you previously sent in your preferences, but a new name suggestion or someone’s objection changed your mind, then send another message to the mailing list with your revised preferences. For the purposes of consensus, we’ll assume that everyone who hasn’t commented on a new name introduced per (2) “objects” to it (i.e., we want to hear positive confirmation of preference on new names). (4) Please provide your input by 0800 UTC June 4, 2020. With that input, our plan is to assess rough consensus in the following way: (a) See if there is consensus for a name identified given the “wouldn’t object to being the WG name” preference and the level of “would object” feedback (b) If there isn’t clear consensus with (a), but a significantly reduced set of candidates around which there is enthusiasm, the chairs will share the results and request feedback (c) If rough consensus appears to be reached through steps (a) – (b), revisit the objections to this candidate name, elicit additional objections and see if they change the consensus. Regards, Yaron and Dick [1] https://datatracker.ietf.org/doc/charter-ietf-txauth/ [2] https://mailarchive.ietf.org/arch/msg/txauth/GnTUvD191MGMF63Oe3VTqkYi0Wg/ [3] https://mailarchive.ietf.org/arch/msg/txauth/lAe06IW4nihUzyTkWVDcq8rnUa8/ -- Txauth mailing list Txauth@ietf.org https://www.ietf.org/mailman/listinfo/txauth Txauth mailing list Txauth@ietf.org https://www.ietf.org/mailman/listinfo/txauth -- Txauth mailing list Txauth@ietf.org https://www.ietf.org/mailman/listinfo/txauth
- Re: [Txauth] Txauth Digest, Vol 9, Issue 44 Fabien Imbault
- Re: [Txauth] Txauth Digest, Vol 9, Issue 44 Yaron Sheffer