Thomas, thanks for writing this draft. I finally got a chance to read it this morning and it is quite helpful and relevant. Do you plan to update it at some point in the light of more recent versions of the core draft?
On 6/9/10 1:17 PM, Thomas Hardjono wrote: > > I was prompted to write this draft after the OATH WG meeting at the last > IETF in March, in which several folks in the room were comparing OAuth with > Kerberos. Some people also suggested to me that a comparative doc might be > useful. > > http://www.ietf.org/internet-drafts/draft-hardjono-oauth-kerberos-00.txt > > The hope is that if OAuth 2.0 wanted to use the Needham-Schroeder (Kerberos) > authentication paradigm, that OAuth could learn from the two decades of > Kerberos development. > > /thomas/ > > > __________________________________________ > > > --- On Wed, 6/9/10, internet-dra...@ietf.org <internet-dra...@ietf.org> > wrote: > >> From: internet-dra...@ietf.org <internet-dra...@ietf.org> >> Subject: I-D Action:draft-hardjono-oauth-kerberos-00.txt >> To: i-d-annou...@ietf.org >> Date: Wednesday, June 9, 2010, 12:00 PM >> A New Internet-Draft is available >> from the on-line Internet-Drafts directories. >> >> Title >> : OAuth 2.0 support for the Kerberos V5 >> Authentication Protocol >> Author(s) >> : T. Hardjono >> Filename: draft-hardjono-oauth-kerberos-00.txt >> Pages >> : 21 >> Date >> : 2010-06-09 >> >> This draft proposes an OAuth2.0 profile for Kerberos >> v5. We compare >> the Kerberos protocol flow with the OAuth protocol flow and >> as far as >> possible map the relevant parameters in Kerberos to OAuth >> parameters. >> We propose the use of the OAuth 2.0 message flows and its >> tokens to >> carry Kerberos TGTs and Service Tickets in an opaque >> manner. >> >> A URL for this Internet-Draft is: >> http://www.ietf.org/internet-drafts/draft-hardjono-oauth-kerberos-00.txt >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> Below is the data which will enable a MIME compliant mail >> reader >> implementation to automatically retrieve the ASCII version >> of the >> Internet-Draft. >> >> -----Inline Attachment Follows----- >> _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
