IETF Logo Mail Archive

Re: [Txauth] Changes to XYZ

David Waite <david@alkaline-solutions.com> Fri, 11 October 2019 18:09 UTC

Return-Path: <david@alkaline-solutions.com>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 615171200C7 for <txauth@ietfa.amsl.com>; Fri, 11 Oct 2019 11:09:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.228
X-Spam-Level: **
X-Spam-Status: No, score=2.228 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_SBL_CSS=3.335, RDNS_NONE=0.793, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g7dlSSy6OLBp for <txauth@ietfa.amsl.com>; Fri, 11 Oct 2019 11:09:01 -0700 (PDT)
Received: from alkaline-solutions.com (unknown [IPv6:2600:3c00::f03c:91ff:fe93:6974]) by ietfa.amsl.com (Postfix) with ESMTP id A389F12009C for <txauth@ietf.org>; Fri, 11 Oct 2019 11:09:01 -0700 (PDT)
Received: from [IPv6:2601:282:202:b210:acae:75f7:c13c:c0f7] (unknown [IPv6:2601:282:202:b210:acae:75f7:c13c:c0f7]) by alkaline-solutions.com (Postfix) with ESMTPSA id 0A8FA3155C; Fri, 11 Oct 2019 18:09:01 +0000 (UTC)
From: David Waite <david@alkaline-solutions.com>
Message-Id: <3FCF36FC-F428-49CF-8581-F78207150602@alkaline-solutions.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_2FAFA647-6A97-4D9E-93E0-FC15B67C8C1C"
Mime-Version: 1.0 (Mac OS X Mail 13.0 \(3594.4.19\))
Date: Fri, 11 Oct 2019 12:09:00 -0600
In-Reply-To: <CCA51923-A6AA-4F87-B823-6DAA7C327668@mit.edu>
Cc: Justin Richer <jricher@mit.edu>
To: "txauth@ietf.org" <txauth@ietf.org>
References: <CCA51923-A6AA-4F87-B823-6DAA7C327668@mit.edu>
X-Mailer: Apple Mail (2.3594.4.19)
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/racr4TKEOTlBB8HZAJMKvRkn6FI>
Subject: Re: [Txauth] Changes to XYZ
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Oct 2019 18:09:04 -0000

> On Oct 11, 2019, at 8:30 AM, Justin Richer <jricher@mit.edu> wrote:

<snip>

>  - Clients can now signal more than one kind of interaction is possible. Syntactically this means we’re sending keys with booleans instead of a “type” key with a string value. Practically this means that the AS now can choose from among a set of options that the client can do and determine what makes the most sense, probably allowing multiple options that it supports.

Would it make sense for the interaction configuration to be the value of that key? e.g.

  "redirect": {
    "callback": "https://client.example.net/return/123455",
    "nonce": "LKLTI25DK82FX4T4QFZC"
  }

>  - I renamed the “client” section to “display” because that’s more what it was — user-facing elements. It’s my hope that this will be less of a place to hang everything off of, like the client ended up being in OAuth2.

It sounds like the use of the term “client” is being deemphasized in the protocol. Would a tweak to the role name potentially be in scope, or would we want to avoid the arguments that come from adding that whole extra wing onto the current bike shed?

I ask because while I have obviously gotten very comfortable with the use of the term client, the generic nature of the term does cause collisions and confusion when OAuth is adopted into a pre-existing space.

It may also be that the use of ‘client’ gets qualified and/or deemphasized once you are talking about the role only in the context of interaction with transaction endpoints.

-DW

v2.23.0 | Report a Bug | By Email