Re: [GNAP] A "privacy by design" delegation scheme
Stephen Moore <srmoore@gmail.com> Fri, 19 March 2021 14:40 UTC
Return-Path: <srmoore@gmail.com>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C75A03A16ED for <txauth@ietfa.amsl.com>; Fri, 19 Mar 2021 07:40:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HyH-ISyujbCC for <txauth@ietfa.amsl.com>; Fri, 19 Mar 2021 07:40:52 -0700 (PDT)
Received: from mail-ed1-x530.google.com (mail-ed1-x530.google.com [IPv6:2a00:1450:4864:20::530]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8CA1A3A169A for <txauth@ietf.org>; Fri, 19 Mar 2021 07:40:40 -0700 (PDT)
Received: by mail-ed1-x530.google.com with SMTP id y6so11078147eds.1 for <txauth@ietf.org>; Fri, 19 Mar 2021 07:40:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=BoCZYactVOm+4LTbwaf3SF4ZqMuy9XHi3xdfAG5LOoU=; b=bP/0PDAxTn90a5oWy5f77tZVJ2f2ykz88sIF2lJMLjjM++JLd8S+Llqt4E5pCzyycs lwGw1hnP/+N/St/i6wNBhwzj8Luw2GWrP0+Qb6xY7IATbn7ODGAegdsx0eYRV259b3cN YU4MW8UC5myMekzhy62eE4foUTkXAcBoq5LSCeHfONJclJu0xDgvqL5fsgXe07J+NdoN B7qTH/v4bN4NSvb+Xq4RYUL6CI0mWhuMPubhct9zhuaIQn/e9VXHIfnhZID+jue+LAeY vFW7U2/KFhyPB4onYGNODHVDzsXGxq8aoTSw3pvCWYTmE0/jJf9GUIHd2POmrXYho//E tt9w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=BoCZYactVOm+4LTbwaf3SF4ZqMuy9XHi3xdfAG5LOoU=; b=qy2NQ17slv2EFGgq88At7z26TZSPmOIFDixKXnew1F+cILZ4GR/E8W8v/uOW/gmX1l 4mrfxbA2bm4s756/YnyVMipXo1WQraMI7HVe8g03iA+or8OAV47s3zZOhQfPmpOaYEb0 B0Vp4gXJtxgA8YjrJyyK8QO42QI69c6WhiiTgNRm9naaVEcbbDVONhYTDzeUJ7Ddo1Rv sk1UwouGEfS0wHbynqO1fwhjwIFouI5rQK0cnmSa491QIzqUTR73N1DCIad/UY18JAHB W5NjHw2+MGCPj7n8aq8kMKKzZQZ+UZs9U7N7UIVhS8VkjTJtKvhuUinH7Z/SbBFZxMAI CYLg==
X-Gm-Message-State: AOAM531tyP4bUUuMkhxKrL1/ma6hKb4dyyB8FWGfBzr5tz8DMlTU7uVm hqLoKj8mDd9/UhiXzR9gdMU9uh2r1i7R/Ahvv5lBpakE
X-Google-Smtp-Source: ABdhPJy0RCztoCc7EkHz0mHcwoANpLOckVj265rzhlifl3J+qihWWRVGS0eWD23L6YYWAsD0qROsuFC0Q3VCeyO1MIs=
X-Received: by 2002:a50:eb97:: with SMTP id y23mr10032714edr.170.1616164837629; Fri, 19 Mar 2021 07:40:37 -0700 (PDT)
MIME-Version: 1.0
References: <62619e0d-f4ad-bef8-d351-49943542409f@free.fr>
In-Reply-To: <62619e0d-f4ad-bef8-d351-49943542409f@free.fr>
From: Stephen Moore <srmoore@gmail.com>
Date: Fri, 19 Mar 2021 10:40:26 -0400
Message-ID: <CAK5Vu_BX+qqgKVWzB-98CFGkbgbSoxwtrq7mtJ61e=Q08CrdNg@mail.gmail.com>
To: Denis <denis.ietf@free.fr>
Cc: "txauth@ietf.org" <txauth@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000000ba3c605bde4b340"
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/rD7_B-ZEcdd01O2u4wrD4oPAEgc>
Subject: Re: [GNAP] A "privacy by design" delegation scheme
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Mar 2021 14:40:55 -0000
Denis, All you are doing in that case is putting the AS into the photosharing service. The photo sharing service still has an AS that it explicitly trusts because it owns it, but now I need to have multiple accounts on every RS I have data on it, rather than giving me the option as a user to entrust an AS run by a reputable company that can be trusted by many RS's. The delivery information can be input at the Photo Printing service with or without an account on the service, regardless of where the token comes from. I don't see how your last two bullets matter in differentiating the two takes. I honestly don't see a difference between the two other than one service hosting the two components (RS and AS) -steve On Fri, Mar 19, 2021 at 10:27 AM Denis <denis.ietf@free.fr> wrote: > The text that follows is extracted from : > > > - Page 5 from RFC 6749 (OAuth 2.0). October 2012, and > - Page 5 & 6 from draft-ietf-oauth-v2-1-01. February 2021 > > " For example, an end-user (resource owner) can grant a printing > service (client) access to her protected photos stored at a photo sharing > service (resource server), > without sharing her username and password with the printing > service. Instead, she authenticates directly *with a server trusted by > the photo-sharing service * > * (authorization server), which issues the printing service > delegation-specific credentials (access token)*." > > These two sentences are part of the foundations of OAuth 2.0 and OAuth 2.1. > > The same delegation scheme can be supported without the need to use an > authorization server (AS). Here is the story: > > For example, an end-user can grant a printing service access to > her protected photos stored at a photo sharing service, without sharing her > username and password > with the printing service. Instead, she authenticates > directly to the photo sharing service and asks to that service to deliver > delegation-specific credentials (access token) > able to grant to its owner a read access to a subset of her > photos during some period of time. Once the access token has been delivered > by the photo sharing service, > she transmits it to the printing service. Then the printing > service presents that access token to the photo sharing service which will > deliver the subset of selected photos > to the printing service. > > *Requirement* : > > The end-user must have an account on the photo sharing service. > > *Advantages*: , > > - Since there is no AS, the photo sharing service does not need to > trust any AS nor have a relationship with an AS. > - Since there is no AS, the printing service does not need to trust > any AS, nor have as relationship with an AS. > - Since there is no AS, no account is needed for the end-user at an AS. > - Since there is no AS, no AS can know/spy what the end-user is doing. > - The access token can be transmitted/communicated to anybody, > including herself. > - The end-user MAY have an account on the printing service, but she is > NOT REQUIRED to have one. > - The person that gets the photos printed will need to disclose to the > printing service a name and an address for the delivery > (not necessarily her name and her home address) *if she is not working > at a kiosk *and will need to pay for the printing (*and postage*). > > Denis > > -- > TXAuth mailing list > TXAuth@ietf.org > https://www.ietf.org/mailman/listinfo/txauth >
- [GNAP] A "privacy by design" delegation scheme Denis
- Re: [GNAP] A "privacy by design" delegation scheme Justin Richer
- Re: [GNAP] A "privacy by design" delegation scheme Justin Richer
- Re: [GNAP] A "privacy by design" delegation scheme Stephen Moore
- Re: [GNAP] A "privacy by design" delegation scheme Denis