[Txauth] A model with a User Consent Element
Denis <denis.ietf@free.fr> Thu, 09 July 2020 10:20 UTC
Return-Path: <denis.ietf@free.fr>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E5C13A080B for <txauth@ietfa.amsl.com>; Thu, 9 Jul 2020 03:20:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.103
X-Spam-Level:
X-Spam-Status: No, score=0.103 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, SPOOFED_FREEMAIL=1.999] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0xRn3VBp9qqy for <txauth@ietfa.amsl.com>; Thu, 9 Jul 2020 03:20:06 -0700 (PDT)
Received: from smtp.smtpout.orange.fr (smtp13.smtpout.orange.fr [80.12.242.135]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0D8253A080A for <txauth@ietf.org>; Thu, 9 Jul 2020 03:20:05 -0700 (PDT)
Received: from [192.168.1.11] ([86.238.65.197]) by mwinf5d73 with ME id 0yL1230064FMSmm03yL1jh; Thu, 09 Jul 2020 12:20:04 +0200
X-ME-Helo: [192.168.1.11]
X-ME-Auth: ZGVuaXMucGlua2FzQG9yYW5nZS5mcg==
X-ME-Date: Thu, 09 Jul 2020 12:20:04 +0200
X-ME-IP: 86.238.65.197
To: "txauth@ietf.org" <txauth@ietf.org>
From: Denis <denis.ietf@free.fr>
Message-ID: <f7cdae74-ac8d-2069-db53-d4f8623c43de@free.fr>
Date: Thu, 09 Jul 2020 12:19:59 +0200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.9.0
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="------------CBAB75F9DC3790534A44EA27"
Content-Language: en-GB
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/kgTKFHZDRDsXJlwW95Gqv_-LctA>
Subject: [Txauth] A model with a User Consent Element
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jul 2020 10:20:09 -0000
This is a new thread. Preamble: This model is quite different from the XAuth model. In particular, a RO has no relationship with any AS and a Client does not need to be associated with any AS prior to any access to a RS. A key point of this model is that the user's consent is handled locally by the Client and hence no AS nor RS is handling a man machine interface for the user consent. This allows to support locally the user consent for multiple ASs while keeping all ASs ignorant about the choices of the user made for accessing a particular RS. * **+--------++------------+ |User||Resource| ||| Owner (RO) | +--------++------------+ |\| |\| |\| |\| +-----------++---------------++------------+ ||---->| Authorization ||| || (2) |Server (AS)||| ||<----|||| |Client|+---------------+|| ||-------------------------->|Resource| |User|(1)|Server| |Consent|<--------------------------|(RS)| |element||| ||-------------------------->||------> ||(3)||(4) ||<--------------------------||<------ +-----------++------------+ * The flow of operations is as follows: The Client (which may have been previously authenticated using FIDO) contacts the RS and after some dialogue with the RS selects an operation that it wants to perform on the RS (1a). Note that it may also indicate directly the operation that it wants to perform on the RS without any prior dialogue. In return (1b), the RS informs the Client about which attributes are needed by the RS for performing the requested operation and from which Attributes Servers they may be obtained. This information is specifically marked to indicate that it shall be handled by the "User Consent element" from the Client. The presentation of that information is up to the man machine interface supported by the "User Consent element" from the Client. The user can see which attributes are requested by the RS for performing the requested operation and, if it consents, the Client contacts one or more appropriate Authorization Servers (2a). The user consent is hence captured locally by the Client (i.e. there is no dialogue with any AS nor any RS). When the Client got the access tokens from these authorization servers (2b), it sends all of them in a single request to the RS (3a). End of the story for a simple access Start of a subsequent story for a delegation case Let us now suppose that the RS is unable to fulfil the request by its own and that it needs to contact another RS. RS1 contacts RS2 (4a) and indicates the operation that it wants to perform on RS2 (that operation may not be the same as the original operation). In return (4b), RS2 informs RS1 about which attributes are needed by RS2 for performing the requested operation and from which Attributes Servers they may be obtained. RS1 forwards that information to the Client. This information is marked to indicate that it shall be handled by the "User Consent element" from the Client. The presentation of that information is up to the man machine interface from the Client. The user can see which attributes are requested by RS2 for performing the new requested operation and, if it consents, the Client contacts one or more appropriate Authorization Servers. The user consent is hence captured locally by the "User Consent element" from the Client. (i.e. there is no dialogue with any AS, nor RS1, nor RS2). When the Client got the access token(s) from the authorization server(s), it sends all of them in a single request to RS1. RS1 then forwards the additional access token(s) to RS2. Some observations: The user nor the Client are linked with any particular AS. A user may use today an AS of the Bank of America and may change tomorrow to the Bank of Missouri. As soon as he will be registered with the Bank of Missouri, he will be able to get access tokens from the AS of the Bank of Missouri. The AS of Bank of America has not been able to know where its access tokens have been used. This will be the same for AS of the Bank of Missouri. There is no need for any direct dialogue between any AS and any RS at the time a client is making an access. There is no need for any RO to contact any AS. This model has been constructed following a "Privacy by Design" approach. Denis
- [Txauth] A model with a User Consent Element Denis
- [Txauth] A model with a User Consent Element (wit… Denis
- Re: [Txauth] A model with a User Consent Element … Daniel Fett
- Re: [Txauth] A model with a User Consent Element … Denis
- Re: [Txauth] A model with a User Consent Element … Fabien Imbault
- Re: [Txauth] A model with a User Consent Element David Pyke
- Re: [Txauth] A model with a User Consent Element Tom Jones
- Re: [Txauth] A model with a User Consent Element … Dick Hardt
- Re: [Txauth] A model with a User Consent Element … Denis
- Re: [Txauth] A model with a User Consent Element … Denis
- Re: [Txauth] A model with a User Consent Element … Dick Hardt
- Re: [Txauth] A model with a User Consent Element … Fabien Imbault
- Re: [Txauth] A model with a User Consent Element … Denis
- Re: [Txauth] A model with a User Consent Element … Denis
- Re: [Txauth] A model with a User Consent Element … Dick Hardt
- Re: [Txauth] A model with a User Consent Element … Justin Richer
- Re: [Txauth] A model with a User Consent Element … Denis
- Re: [Txauth] A model with a User Consent Element … Dick Hardt
- Re: [Txauth] A model with a User Consent Element … Denis
- Re: [Txauth] A model with a User Consent Element … Dick Hardt
- Re: [Txauth] A model with a User Consent Element … Fabien Imbault
- Re: [Txauth] A model with a User Consent Element … Denis
- Re: [Txauth] A model with a User Consent Element … Fabien Imbault