Re: [GNAP] Design team

Fabien Imbault <fabien.imbault@gmail.com> Sat, 10 October 2020 02:15 UTC

From: Fabien Imbault <fabien.imbault@gmail.com>
Date: Sat, 10 Oct 2020 04:14:45 +0200
To: Dick Hardt <dick.hardt@gmail.com>
Cc: Justin Richer <jricher@mit.edu>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "txauth@ietf.org" <txauth@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/c4ayQHq8jG0k1Wpy-OpNhNZsrSk>

Hi there,

+1 for adopting v14 as a basis for the GNAP WG.

I think it's really important to have one single document to get everyone
started, and not be stuck on a xyz vs xauth comparison. Instead we now have
a relatively consistent starting point, which is neither xyz nor xauth, for
everyone to step in.

The draft is still inspired by xyz at its core, but a lot of work has been
put into taking into account the concerns raised in xauth (Dick did raise
many issues on the original document, and did a great job), and others, as
anyone will be able to see in the change logs.

What's important is that editorial notes provide a good summary of the
design choices we need to make.
I can anticipate that some of you will raise other items discussed on the
mailing list, such as privacy for instance. There was consensus on the fact
that it needs to be one of the goals (amongst others) but our core focus
during the work carried out in the small group was to focus on dissenting
opinions about what the starting document should contain. It's not meant to
be perfect (yeah, goal achieved :-)).

I can attest Justin put a lot of hard work into taking into account the
feedback and criticisms, and it's quite impressive to still have a fairly
consistent document after so many changes in a short period of time.

Of course neither of us had all of our wishes come true :-) Dick probably
feels some issues he raised are not fully incorporated, because some are
fundamentally different design choices. Again Dick raised very useful
items, some of which made it through, others are only integrated as notes.
At times the tension was palpable and sometimes Kathleen had to remind
everyone to cool down (thanks for that!). And we see some of that in
Dick's request today. I regret a bit that this might hinder the positive
outcome of the work.

All items were on the table. We made a fairly thorough comparison of the
approaches, which led to many parts being rewritten. Justin was quite clear
when he disagreed (it's explicit in the notes) but still captured with
integrity the essence of the tradeoffs, with an open mind.

Of course there's a specific power in holding the pen. I think Justin is
aware of what the role implies. Of course it's sometimes hard to not be too
opinionated, while still being able to say no when required.

Probably the chairs could step in to clarify escalation rules to avoid the
risk mentioned by Dick, in case it ever materializes. No one is perfect.
But so far, Justin's mandate has not transformed into a benevolent
dictatorship, but more a balanced guardianship. As such he keeps my
continued support in the editor's role.

Cheers
Fabien


On Sat, Oct 10, 2020 at 02:26, Dick Hardt <dick.hardt@gmail.com> wrote:

> Tl;dr: Given where we are in the WG, I am not opposed to the WG adopting
> -14, but I propose someone other than Justin be the document editor.
>
> I was on the design team to work on the goals set out by the chairs [1]:
>
> "We expect the design team to decide on a solution outline that combines
> the best of both proposals, and present this outline by Sep. 15"
>
> Surprisingly, Kathleen convened the design team with her recommendation to
> start with the XYZ document with Justin as editor, and add in the diagrams
> from XAuth. The rest of the design team had an opportunity to express their
> concerns and Justin edited the document. In other words, I had to convince
> Justin to change the document, rather than the design team comparing and
> contrasting the proposals and selecting the best parts. I expressed my
> concerns with our AD, and decided to continue participating in the design
> team. We did make some progress on a number of issues thanks to the hard
> work of Fabien, Justin, and Mike -- but many issues have been punted to the
> WG.
>
> Justin has poured tons of energy into this project, and to his credit he
> was a good editor at times, but there are areas where he was unwilling to
> deviate from his vision.
>
> I am concerned about a repeat of what happened in OAuth 2.0: Erin had the
> pen and had strong views that often were not aligned with the rest of the
> WG. A good example was Erin's distaste for bearer tokens. He factored that
> out of the core document, which we are now adding back in with OAuth 2.1.
> Anyone that participated in the WG saw the issues this had.
>
> I'm not suggesting that Justin is Erin, but I think a more neutral editor
> of the core document will allow us to make progress more quickly.
>
> /Dick
>
> [1]
> https://mailarchive.ietf.org/arch/msg/txauth/By7tDkJBxhmHbP7vKwubC9eW38I/
>
> On Fri, Oct 9, 2020 at 5:04 PM Justin Richer <jricher@mit.edu> wrote:
>
>> Thanks, Kathleen, and thanks to Dick, Mike, and Fabien for all their hard
>> work and discussion as well. This draft contains aspects of XYZ and Xauth,
>> and introduces some new elements and pieces as well. As you'll see, there
>> are many identified issues and decisions to be made, but even then I
>> believe it hangs together fairly cohesively already thanks to the good
>> engineering effort and discussion that's gone in so far.
>>
>> Nothing in the document is final, of course. To me, this document
>> represents a good starting point for working group discussion and
>> decisions, +1 for its adoption.
>>
>> - Justin
>> ________________________________________
>> From: TXAuth [txauth-bounces@ietf.org] on behalf of Kathleen Moriarty [
>> kathleen.moriarty.ietf@gmail.com]
>> Sent: Friday, October 9, 2020 6:55 PM
>> To: txauth@ietf.org
>> Subject: [GNAP] Design team
>>
>> Greetings!
>>
>> The design team has now come to a close. While there were too many
>> issues to resolve to all design team members' satisfaction, great effort was
>> put in to describe decision points for the WG to ease and hopefully speed
>> the working group process. As such, I am requesting that the WG adopts
>> this version (14 of XYZ) and works together to fully develop a single
>> specification.
>>
>> https://datatracker.ietf.org/doc/draft-richer-transactional-authz/
>>
>> A tremendous thank you to each of the design team members for your hard
>> work and walking the fine line of when to put a stake in the ground (that
>> the WG can always change once adopted) and listing our options for decision
>> points to ease the WG process.
>>
>> Best regards,
>> Kathleen
>>
>> Sent from my mobile device
>>
>> --
>> TXAuth mailing list
>> TXAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/txauth
>>