IETF Logo Mail Archive

Re: [Txauth] WG name: TxAuth? XAuth? Something else?

Mike Jones <Michael.Jones@microsoft.com> Tue, 17 March 2020 16:24 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0871D3A02BB for <txauth@ietfa.amsl.com>; Tue, 17 Mar 2020 09:24:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IrmMEJKuUIec for <txauth@ietfa.amsl.com>; Tue, 17 Mar 2020 09:24:23 -0700 (PDT)
Received: from NAM06-DM3-obe.outbound.protection.outlook.com (mail-eopbgr640117.outbound.protection.outlook.com [40.107.64.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 075203A0829 for <txauth@ietf.org>; Tue, 17 Mar 2020 09:24:22 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CojEzhBuCaYvUbMxYB9oh62DXAP2ZwANMyqK1VA3PeKp6zwqd1fa6rNxnK2nDIebbfq+QRlM1VQFy61LgJ7Y6hRKNtMYzKPfyzBbd96wWnIkLz0nL9yJQsA5k/gWa5a/xDAkS1xS5sEVOx/y4F2qotubx4Bfq2aNbWZ2TswF8oNnr6a+0sx7CzwlQvcHHBH+7kTUyNekIFz7J38BQmC9mGMjbxawWyqRB/gFBnfIogjyFfdANhsXCGEaUtET+C6XqSHe2x3b+yNz3q0Gm71U+JIACdnAVoxvO3DBSfLuvxsjHDZnoLdhhHZNTniNJLa5ZT/jxhhmra30ABwyrRn4sQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;bh=LFM/U2ZGP9rPSnvCLs0ypTjOHHmzydBxRA6aA+1uNa0=; b=imL5U53hrKktdpQHUtEB8ANnzqGJHy39p80AISSbA4PwjNhBoUjeGgpbXvQB80HH26OjhNwc0jMHG2FIRmCeuZsaGWC4huWtHKZANnxMoQQjamnhU6ZgZTHhAj5o9UEHSDQ7oAUlFnKL9q3Bq+2GLuWQBEYCf0Rb+4TQL29LU0LNyltUE4hglbAthSixfMTLqZWIMTXJ/YUOVc5MYwAmPw0h0wj3GEAtWDC3Xpl9MALxrqF54GP7o/k+UodGkGMTZavNxXh98nKj8prRK4EhoAuRMOk4M+MVCfqT4VRtw3dobXqqrDRTN954Hd814i3pDKNXJK/1UsTqeFZlHKKZGw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;bh=LFM/U2ZGP9rPSnvCLs0ypTjOHHmzydBxRA6aA+1uNa0=; b=WTa0RlrRvBG/tUrQaqVN13lZYNXak/TqCVic554qBoFZE/XTxOv9tR0w0CB+afDxMoWTkDJ0IOWYao++jcv1q6n1PTfqbmBkcrcUTaYidEf5J6HaEWGKlSfENt5osEmLK43+vLhKfRMrGFytb9KfZMQ5pHL8h+3v7Xj8aq5hpOw=
Received: from CH2PR00MB0678.namprd00.prod.outlook.com (2603:10b6:610:a9::23) by CH2PR00MB0712.namprd00.prod.outlook.com (2603:10b6:610:ad::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2871.0; Tue, 17 Mar 2020 16:24:16 +0000
Received: from CH2PR00MB0678.namprd00.prod.outlook.com ([fe80::a56a:2989:f37f:7a7a]) by CH2PR00MB0678.namprd00.prod.outlook.com ([fe80::a56a:2989:f37f:7a7a%3]) with mapi id 15.20.2872.000; Tue, 17 Mar 2020 16:24:16 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Justin Richer <jricher@mit.edu>, Dick Hardt <dick.hardt@gmail.com>
CC: Yaron Sheffer <yaronf.ietf@gmail.com>, "txauth@ietf.org" <txauth@ietf.org>
Thread-Topic: [Txauth] WG name: TxAuth? XAuth? Something else?
Thread-Index: AdX8eH75j5z5QGTpTDekVlY+cheNqQ==
Date: Tue, 17 Mar 2020 16:24:16 +0000
Message-ID: <CH2PR00MB0678313B29175587B7CD3E1AF5F60@CH2PR00MB0678.namprd00.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=d1793ebb-37b8-4441-a06e-00008ff09252; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=true; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=Internal; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2020-03-17T16:21:27Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47;
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Michael.Jones@microsoft.com;
x-originating-ip: [50.47.81.134]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 0dcc3ca8-4d0f-437b-79ed-08d7ca8fa361
x-ms-traffictypediagnostic: CH2PR00MB0712:
x-microsoft-antispam-prvs: <CH2PR00MB0712DD7720DAB09CC7C13C3DF5F60@CH2PR00MB0712.namprd00.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:3513;
x-forefront-prvs: 0345CFD558
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6029001)(4636009)(366004)(346002)(376002)(39860400002)(396003)(136003)(199004)(9686003)(71200400001)(6506007)(53546011)(66574012)(10290500003)(861006)(8936002)(81166006)(66556008)(52536014)(81156014)(5660300002)(110136005)(66446008)(54906003)(76116006)(7696005)(8676002)(66476007)(66946007)(64756008)(55016002)(86362001)(316002)(186003)(478600001)(33656002)(2906002)(26005)(8990500004)(4326008)(966005)(99710200001); DIR:OUT; SFP:1102; SCL:1; SRVR:CH2PR00MB0712; H:CH2PR00MB0678.namprd00.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Rmn+6WoBP7duQRH1K1ZToEG/57QPQILNhIsOE+yxQQOJdjVZ5eboyx+C56Z5OVzUyTpNPqTYerbNSVZ4k9GvX2/x6PbiJFcS3JmuEFE792sAXueqEybICJ42+vYg/Fi97UdCOU+6iUNjhq+qmPlSD0xnwDbinmvGs3isey0O98yYFoCnNkpJSUMGNjQYBuyq9jTrPMoCtx81O7uPrHT2l4szL+bf2Gwxik2y0OldCOz9EHEbGXHLuXWqKNwSGlY47ENHovWdW/C+HjD9X6VEigaWDoBqxo+XCw8lVcKbZtgF5KkCr2mVk8HoJ3LERngxgTrHs2mt7p/Nq/MTlg0rRIvsDrfBtwiFwgNEXo5ltg3PAaFsES/eBTbkAfuZA1b+kXQaOMEfo491UPatUP9wqPcpgYH6eIDRURRXgzP5wWsHy7iJFYGE0KohLmNqmjDpziIbBQqX84Ud9RJzW8X/9t9YPxOdVfd5J0w/i75kxqlTICZ8/+cTtquO6AHA6hhhqTN8bZuAWokieGoWFCrQSc46eJnVNxU9cPITHHPiLMW/M+WIm0cq0EyYUExO/MWgMemgJoTXissPwsLXnHboGw==
x-ms-exchange-antispam-messagedata: QdIh2GbEA0wROpzEV2QLkM+zwmSfZpsKGJabGFYJHO31qc2ZmYC1x+TZNuD1zX7+ktOllVl8FTJPm3+gS6YPbidDxUUynuCDGZ3xljhnk9pLxiKOHON/Jpps6RrEBNIsphNGLce1YTRXDDe9ARk3JA==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_CH2PR00MB0678313B29175587B7CD3E1AF5F60CH2PR00MB0678namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 0dcc3ca8-4d0f-437b-79ed-08d7ca8fa361
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Mar 2020 16:24:16.5108 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: o4+IO+aYndRkZUI+KXxpKxkCTRPmSc6zemDkU4Gdub4nSPpSoWAtRZV4n7+Wr8qZghqeyPToKiGzhw6j5jiq6Q==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR00MB0712
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/LxzAEVBF80cyWSIjSiKG5m0hrsM>
Subject: Re: [Txauth] WG name: TxAuth? XAuth? Something else?
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Mar 2020 16:24:42 -0000

If this work were happening in the OAuth working group, calling it OAuth 3 would be a decision that could be taken by the working group.  But unless it moves to the OAuth working group, I believe that it would be unreasonable to usurp branding belonging to a different working group.  TxAuth should have its own distinct brand chosen by its to-be-formed working group.

                                                       -- Mike

From: Txauth <txauth-bounces@ietf.org> On Behalf Of Justin Richer
Sent: Tuesday, March 17, 2020 6:11 AM
To: Dick Hardt <dick.hardt@gmail.com>
Cc: Yaron Sheffer <yaronf.ietf@gmail.com>; txauth@ietf.org
Subject: Re: [Txauth] WG name: TxAuth? XAuth? Something else?

And another thought — there’s a pretty decent chance that we’ll end up branding this whole effort OAuth 3 in the future.

The list is named ‘txauth’. Therefore, calling what we’re working on anything different from that seems silly and premature.

I say we just stick with TxAuth to match the list and avoid the whole naming discussion entirely.

 — Justin


On Mar 16, 2020, at 9:56 PM, Justin Richer <jricher@mit.edu<mailto:jricher@mit.edu>> wrote:

Yes, naming things is hard — but I still believe in the name TxAuth. We’re moving beyond OAuth, and taking the process of getting an authorization delegated to the client software as a multi-step, multi-party transaction is, I believe, the key insight that’s letting us move beyond OAuth’s limitations here. It’s not just about going to the AS first — we had that in OAuth 1 and we’re patching that into OAuth 2 with PAR. I really think it’s about the transaction at the core.

Having come of age in the 1990’s, I have particular dislike for XAuth. It sounds too “X-TREME” and “X-CITING”, and if you read either of those with a growling yell in your head then you know exactly what I’m talking about. And to Dick’s rationale for the name below, I absolutely do NOT see this work as “OAuth with all the extra features”. I think that does a disservice to the kind of change we have an opportunity to make here.

 — Justin


On Mar 16, 2020, at 7:04 PM, Dick Hardt <dick.hardt@gmail.com<mailto:dick.hardt@gmail.com>> wrote:

Hello everyone

I prompted a thread around the name of the protocol a while back:

https://mailarchive.ietf.org/arch/msg/txauth/ZVQVbHt4ADqehKrBDXOrTr_s_wc/

As Justin stated "naming is hard"

Wearing my marketing hat I want to ensure that the name will be perceived properly in the broader community.

A recent example that comes to mind are the privacy related works on the browser storage API. Given that name, one would think that it is local storage. It is actually about browser cookies.

Justin discussed his reasons for TxAuth in the thread above (and I'm sure in other places)

I chose XAuth in my draft to reflect the eXtensibility goal that we have over OAuth -- and XAuth is OAuth but with an X to reflect all the extra features. =)

Other suggestions?

This will be an agenda item in the BoF -- but the name will NOT be an open discussion item -- we will summarize what has been discussed on the list and perhaps do a poll of options presented unless consensus is obvious from this thread.

/Dick





[https://mailfoogae.appspot.com/t?sender=aZGljay5oYXJkdEBnbWFpbC5jb20=&type=zerocontent&guid=b21a2a6d-d7e3-45fa-b7a8-84768a1bd2ea]ᐧ

--
Txauth mailing list
Txauth@ietf.org<mailto:Txauth@ietf.org>
https://www.ietf.org/mailman/listinfo/txauth

v2.23.0 | Report a Bug | By Email