[GNAP] When are HRPCs normative in an IETF protocol?
Adrian Gropper <agropper@healthurl.com> Sat, 26 November 2022 20:00 UTC
Return-Path: <agropper@gmail.com>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 66A54C14CF16 for <txauth@ietfa.amsl.com>; Sat, 26 Nov 2022 12:00:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.399
X-Spam-Level:
X-Spam-Status: No, score=-1.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W7QScBiSnEOY for <txauth@ietfa.amsl.com>; Sat, 26 Nov 2022 12:00:50 -0800 (PST)
Received: from mail-yw1-f180.google.com (mail-yw1-f180.google.com [209.85.128.180]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3D67CC14CE28 for <txauth@ietf.org>; Sat, 26 Nov 2022 12:00:27 -0800 (PST)
Received: by mail-yw1-f180.google.com with SMTP id 00721157ae682-3b56782b3f6so69795537b3.13 for <txauth@ietf.org>; Sat, 26 Nov 2022 12:00:27 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=Ya+UuWdFh+7Mogkpe4BXnrgIHZeDzjG/jThFXaga5YI=; b=Y67LNQmkdNYOd3BOHKAvA3cIL83WIiS8EkcsyXZAKaclmTicvz7tjlhwofebSbSVN6 bkA7os0s71cDDG2i3jaQH40A30rArG4T2+19k/oISu0E5x1f/Hy91/wwBygHgw0ihzq/ fTKwDqhajQwlc1PaKtI+TDLoW51Dc487viZz2osDwt3KUbLQN3UxImlVZyO/lPF0JJyO WdDFsm0HFMk0jhuBDlhM7JXz7cQ5CQM+RwHhCz9lPnMj0cgmaJAqGzrhOWjlQPPl8DFo CeJTBj50It60cio5IwoQJ77qI+RM9ircEjeEO08PWN7NnZBoDo0KHHILaehKzZk6zXRP wjDw==
X-Gm-Message-State: ANoB5pnXrGu9AIw/unUp/0vt2n4YOCKIIZPDjpeid7yiFfthH1/fTsfx IU/VmqebmQRXPXSl6O7DefGd8CGZL9Szc7bJtTw=
X-Google-Smtp-Source: AA0mqf7dgo8y2Q0Hq2RcCbMEpG8d4SmOvQ63qNf48gL9wa2D2h4hFonMimhSQSEjzkK/G97Xw3F3Bedr0HECJnEfXxU=
X-Received: by 2002:a81:af27:0:b0:36b:efc9:fb13 with SMTP id n39-20020a81af27000000b0036befc9fb13mr25083807ywh.324.1669492825945; Sat, 26 Nov 2022 12:00:25 -0800 (PST)
MIME-Version: 1.0
From: Adrian Gropper <agropper@healthurl.com>
Date: Sat, 26 Nov 2022 15:00:14 -0500
Message-ID: <CANYRo8ivdeQOc8KkroQ8ZZCoif-CPwNcc9qG0jU6nW8GUHTe1w@mail.gmail.com>
To: hrpc@irtf.org
Cc: Alan Karp <alanhkarp@gmail.com>, GNAP Mailing List <txauth@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000d87d3605ee651649"
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/UQqeZf_eketrX6B87Mj_kc_m-fU>
Subject: [GNAP] When are HRPCs normative in an IETF protocol?
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 26 Nov 2022 20:00:51 -0000
I'm new to HRPC but convinced that the work here is both relevant and unique in my experience with standards groups. My background is in software-intensive medical devices and health records. I am a volunteer CTO for the Patient Privacy Rights Foundation and lead a related, non-commercial open source example implementation of standards-based health information access. IETF GNAP is a new delegated authorization protocol intended to replace OAuth in many use-cases, including Alice-to-Bob cases. In the HRPC context, delegated authorization presents the risk of forced association as a violation of human rights. In particular, forced association between a data subject's service provider as a resource server and an authorization service provider that is a delegate of the service provider leads to hyperscale platforms in social media, document creation, and other forms of information exchange, including health records. The issue at hand is how should GNAP mitigate the unintended consequences of forced association and when should the mitigations be normative in the overall IETF context. Here's a Gdoc with the current state of the discussion in GNAP including a potential PR: https://docs.google.com/document/d/1C_OEt2GeXfMLJJentmk7eX3A8gtq0_zYDfhW3AEwiSQ/edit?usp=sharing If GNAP is a good test case for HRPC, please help me improve the PR and introduce whatever process is appropriate to determine when HRPCs are normative in a protocol. (Please suggest where to move the Gdoc to a more suitable place for discussion.) -Adrian
- [GNAP] When are HRPCs normative in an IETF protoc… Adrian Gropper