[Txauth] Changes to XYZ
Justin Richer <jricher@mit.edu> Fri, 11 October 2019 14:31 UTC
Return-Path: <jricher@mit.edu>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 17079120127 for <txauth@ietfa.amsl.com>; Fri, 11 Oct 2019 07:31:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UsheUtiwqFaq for <txauth@ietfa.amsl.com>; Fri, 11 Oct 2019 07:31:19 -0700 (PDT)
Received: from outgoing-exchange-3.mit.edu (outgoing-exchange-3.mit.edu [18.9.28.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 25C19120125 for <txauth@ietf.org>; Fri, 11 Oct 2019 07:31:18 -0700 (PDT)
Received: from w92exedge4.exchange.mit.edu (W92EXEDGE4.EXCHANGE.MIT.EDU [18.7.73.16]) by outgoing-exchange-3.mit.edu (8.14.7/8.12.4) with ESMTP id x9BEUvQj019007 for <txauth@ietf.org>; Fri, 11 Oct 2019 10:31:17 -0400
Received: from oc11expo18.exchange.mit.edu (18.9.4.49) by w92exedge4.exchange.mit.edu (18.7.73.16) with Microsoft SMTP Server (TLS) id 15.0.1293.2; Fri, 11 Oct 2019 10:30:29 -0400
Received: from oc11expo18.exchange.mit.edu (18.9.4.49) by oc11expo18.exchange.mit.edu (18.9.4.49) with Microsoft SMTP Server (TLS) id 15.0.1365.1; Fri, 11 Oct 2019 10:30:34 -0400
Received: from oc11expo18.exchange.mit.edu ([18.9.4.49]) by oc11expo18.exchange.mit.edu ([18.9.4.49]) with mapi id 15.00.1365.000; Fri, 11 Oct 2019 10:30:34 -0400
From: Justin Richer <jricher@mit.edu>
To: "txauth@ietf.org" <txauth@ietf.org>
Thread-Topic: Changes to XYZ
Thread-Index: AQHVgEBxy9evq8rGxEizoDOjpjr8Cw==
Date: Fri, 11 Oct 2019 14:30:34 +0000
Message-ID: <CCA51923-A6AA-4F87-B823-6DAA7C327668@mit.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [71.174.62.56]
Content-Type: multipart/alternative; boundary="_000_CCA51923A6AA4F87B8236DAA7C327668mitedu_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/trBalmXj1rinA9X8EKlLBai_wfM>
Subject: [Txauth] Changes to XYZ
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Oct 2019 14:31:35 -0000
Following last week’s great conversations at IIW, I’ve made a handful of changes to XYZ: - Clients can now signal more than one kind of interaction is possible. Syntactically this means we’re sending keys with booleans instead of a “type” key with a string value. Practically this means that the AS now can choose from among a set of options that the client can do and determine what makes the most sense, probably allowing multiple options that it supports. - Among the new interaction options are “didcomm" and “didcomm_query”, which give us a way to bridge to another kind of front channel that doesn’t use the web browser. In this case, DID-based agents. I can envision lots of other options, from webauthn challenge/response to direct app communications. - Key presentation and key format are now separate from each other. This doesn’t really have much impact on the syntax as it turns out, just the assumptions of what the underlying model is. A “key handle” will still represent a pair of key and presentation method. - I renamed the “client” section to “display” because that’s more what it was — user-facing elements. It’s my hope that this will be less of a place to hang everything off of, like the client ended up being in OAuth2. - I shuffled around a few things to show how the continuation request can happen, and hopefully show how it’s different from a base transaction request. The question still remains of how to specify a continuation request with additional features (more resources, more client info, etc), and that’s going to require careful wording in the client definition. - The “data” element of the resource request is now “datatype”, from feedback on RAR. - I added a “capabilities” array to both the client’s request and server’s response, which will list a set of extensions that are supported. It’s a way to do general purpose discovery through this same interface, and it fits the transaction model well (“this is what I can do, tell me what you can do”). I’ve updated the website https://oauth.xyz/ with these changes, but I haven’t had a chance to update the spec draft text or the implementations yet. I’d love to start getting feedback on these ideas as we’re moving towards the BoF in Singapore! — Justin
- [Txauth] Changes to XYZ Justin Richer
- Re: [Txauth] Changes to XYZ David Waite
- Re: [Txauth] Changes to XYZ Justin Richer