Re: [GNAP] [Txauth] Revisiting the photo sharing example (a driving use case for the creation of OAuth)

Fabien Imbault <fabien.imbault@gmail.com> Fri, 14 August 2020 06:29 UTC

From: Fabien Imbault <fabien.imbault@gmail.com>
Date: Fri, 14 Aug 2020 08:29:01 +0200
Message-ID: <CAM8feuTno-e7qdzt8Td70UWWFUduAkntis9usu+VaAZHJWG48Q@mail.gmail.com>
To: Dave Tonge <dave.tonge@moneyhub.com>
Cc: Dick Hardt <dick.hardt@gmail.com>, Francis Pouatcha <fpo@adorsys.de>, Denis <denis.ietf@free.fr>, "txauth@ietf.org" <txauth@ietf.org>, Justin Richer <jricher@mit.edu>, Benjamin Kaduk <kaduk@mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/s55P5_iKYTgRQBTLvGxTe_eHesI>

Thanks, that's an important use case. Should add DID also.

This raises additional questions related to claim aggregation though, in
case you have contradictory information.

On Fri, 14 Aug 2020 at 03:39, Dave Tonge <dave.tonge@moneyhub.com> wrote:

> > I agree with clearly separating the GS interaction with the Client from
> > the interaction with the User.
>
> > I'm having a hard time viewing those as two different roles. They are
> > two different interactions. Just as the client interaction with the AS is
> > different from the client interaction with the GS.
>
> I also struggle to see these as different roles - they seem to be
> fundamentally linked.
> However, what I think does need to be taken into consideration is that
> there may be multiple Grant Servers involved in a user flow (I've added a
> new use case to describe some of these flows:
> https://github.com/ietf-wg-gnap/general/wiki/Multiple-Authorization-Servers-in-a-single-flow
> )