[Txauth] Registered Clients and Dynamic Clients
Denis <denis.ietf@free.fr> Wed, 15 July 2020 17:04 UTC
To: Dick Hardt <dick.hardt@gmail.com>
Cc: "txauth@ietf.org" <txauth@ietf.org>
From: Denis <denis.ietf@free.fr>
Message-ID: <7c1f0439-42e4-9f7d-4dd2-e741f7cb57f2@free.fr>
Date: Wed, 15 Jul 2020 19:04:39 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/aL96jHgsD8paSFLIevcRKGHfiUc>
Hello Dick,

I am puzzled with the two following definitions in draft-hardt-xauth-protocol-13:

*Registered Client* - a Client that has registered with the GS and has a Client ID to identify itself, and can prove it possesses a key that is linked to the Client ID. The GS may have different policies for what different Registered Clients can request. A Registered Client MAY be interacting with a User.

[Denis] I interpret the last sentence in the following way: A Registered Client may be either an Application or a User. Is it correct?

*Dynamic Client* - a Client that has not been previously registered with the GS, and each instance will generate its own asymmetric key pair so it can prove it is the same instance of the Client on subsequent requests. The GS MAY return a Dynamic Client a Client Handle for the Client to identify itself in subsequent requests. A single-page application with no active server component is an example of a Dynamic Client. A Dynamic Client MUST be interacting with a User.

[Denis] The draft does not include any other explanation for the reason to support the so-called "Dynamic Clients". While I can understand the value to use a temporary key pair for a given RS, I can't understand the value for a GS to support unknown clients. If a GS knows nothing about a so-called "Dynamic Client", then it will not be able to deliver any user attribute into an access token to such client.

Denis
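The two definitions quoted in the message above, sketched as an added example that is not part of the message, the draft, or any XAuth implementation. It models a toy in-memory GS; the function names, the `client-123` identifier, the signed request strings and the use of Ed25519 are all assumptions made for illustration, not the draft's wire format.

```javascript
// Added illustration: toy in-memory GS. Names and message shapes are hypothetical.
const crypto = require('crypto');

const registered = new Map(); // Client ID -> { key, policy }, provisioned ahead of time
const dynamic = new Map();    // Client Handle -> { key }, created on first contact

function sign(privateKey, body) {
  return crypto.sign(null, Buffer.from(body), privateKey); // Ed25519 signature
}
function proves(publicKey, body, sig) {
  return crypto.verify(null, Buffer.from(body), publicKey, sig);
}

// Registered Client: the GS stores the key and a policy before any request is made.
function registerClient(clientId, publicKey, policy) {
  registered.set(clientId, { key: publicKey, policy });
}

// Dynamic Client, first request: the GS learns only the key the instance generated.
function firstDynamicRequest(publicKey, body, sig) {
  if (!proves(publicKey, body, sig)) return null;
  const handle = crypto.randomBytes(16).toString('hex'); // stands in for the Client Handle
  dynamic.set(handle, { key: publicKey });
  return handle;
}

// Subsequent request: identifier plus proof of possession of the linked key.
// A real request body would also carry a nonce or timestamp; replay is not modelled here.
function laterRequest(id, body, sig) {
  const rec = registered.get(id) || dynamic.get(id);
  if (!rec || !proves(rec.key, body, sig)) return { ok: false };
  const kind = registered.has(id) ? 'registered' : 'dynamic';
  return { ok: true, kind, policy: rec.policy ?? null };
}

// Constructed scenario: one registered backend, one SPA instance, one other instance.
function demo() {
  const backend = crypto.generateKeyPairSync('ed25519');
  registerClient('client-123', backend.publicKey, ['read']);
  const spa = crypto.generateKeyPairSync('ed25519');
  const other = crypto.generateKeyPairSync('ed25519');
  const handle = firstDynamicRequest(spa.publicKey, 'req-1', sign(spa.privateKey, 'req-1'));
  return {
    sameInstance: laterRequest(handle, 'req-2', sign(spa.privateKey, 'req-2')),
    otherKeySameHandle: laterRequest(handle, 'req-2', sign(other.privateKey, 'req-2')),
    registered: laterRequest('client-123', 'req-3', sign(backend.privateKey, 'req-3')),
  };
}
```

In this sketch the record the GS holds for the dynamic instance contains a public key and nothing else, while the registered record also carries a policy; the handle alone is not accepted without a signature from the key first presented.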