[GNAP] Split tokens

Justin Richer <jricher@mit.edu> Wed, 27 April 2022 23:22 UTC

Return-Path: <jricher@mit.edu>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9F1ABC159522 for <txauth@ietfa.amsl.com>; Wed, 27 Apr 2022 16:22:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oYg0m9EEjfSR for <txauth@ietfa.amsl.com>; Wed, 27 Apr 2022 16:22:11 -0700 (PDT)
Received: from outgoing-exchange-1.mit.edu (outgoing-exchange-1.mit.edu [18.9.28.15]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6E048C157B5C for <TxAuth@ietf.org>; Wed, 27 Apr 2022 16:22:08 -0700 (PDT)
Received: from oc11exedge2.exchange.mit.edu (OC11EXEDGE2.EXCHANGE.MIT.EDU [18.9.3.18]) by outgoing-exchange-1.mit.edu (8.14.7/8.12.4) with ESMTP id 23RNJoBT006775 for <TxAuth@ietf.org>; Wed, 27 Apr 2022 19:22:07 -0400
Received: from w92expo18.exchange.mit.edu (18.7.74.72) by oc11exedge2.exchange.mit.edu (18.9.3.18) with Microsoft SMTP Server (TLS) id 15.0.1497.32; Wed, 27 Apr 2022 19:21:10 -0400
Received: from oc11expo18.exchange.mit.edu (18.9.4.49) by w92expo18.exchange.mit.edu (18.7.74.72) with Microsoft SMTP Server (TLS) id 15.0.1497.23; Wed, 27 Apr 2022 19:21:47 -0400
Received: from oc11expo18.exchange.mit.edu ([18.9.4.49]) by oc11expo18.exchange.mit.edu ([18.9.4.49]) with mapi id 15.00.1497.023; Wed, 27 Apr 2022 19:21:47 -0400
From: Justin Richer <jricher@mit.edu>
To: "TxAuth@ietf.org" <TxAuth@ietf.org>
Thread-Topic: Split tokens
Thread-Index: AQHYWo0L7FGzAwrA+E6qez6NDGQAVw==
Date: Wed, 27 Apr 2022 23:21:47 +0000
Message-ID: <16f4942905b24c5188d5052abbc4865c@oc11expo18.exchange.mit.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.58.35.244]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/HzVa0Nt6IThXcywsuVd6Lr_1fhQ>
Subject: [GNAP] Split tokens
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Apr 2022 23:22:13 -0000

The current core draft has a feature that allows for a requested set of access to be split into multiple tokens. This feature complicates the access token descriptions and causes exceptions to the expected usual behavior. I've had a chance to chat with the folks who initially proposed this and they are not looking to implement it themselves in the near term. I also don't know of any implementations of this advanced feature in the wild. Therefore, I would like to propose that we remove this feature from the core and create an extension I-D to document the feature that should be picked up by whoever wants/needs this.

-Justin