Hi!

On 11.08.10 12:40, Torsten Lodderstedt wrote:
> Eve,
>
> thank you for writing this document. I consider it a good starting
> point for a discussion about client registration and discovery. Will
> you propose this as a WG item?

I think that's the plan as it is more related to OAuth in general than UMA specific.

> My comments & questions:
>
> You propose a host-meta based discovery of the registration endpoint
> on the authz server. Could this mechanism be used for discovering all
> AS endpoints, e.g. tokens and end-user authorization?

I would think so. We concentrated more on the one endpoint we need but it makes sense to discover all of the necessary endpoints that way. So some merge of ideas floating here about general discovery might be useful.

> How is a UMA requestor envisioned to discover the auth server?

On the Host side the user can tell it which AM (in UMA terms it's an Authorization Manager, some sort of extended AS) to use or it might be discovered via webfinger or similar means. The process for requesters is up for discussion a bit right now. In my prototype the Host is telling the Requester which AM is registered to the resource it tries to access. Then client registration can start from there.

> I think host-meta based client discovery could be too limited since it
> does not allow (at least in my understanding) to serve different
> clients (or their home web apps) on the same host. What about using
> JRD or XRD? This would allow for a client-URL-related discovery.

You are right. The question here might be if the LRDD part is being used or if maybe directly point to the client spec which would save one redirection. Not sure if we need to add a type field in this case, too (e.g. if JRD or XRD). I would favour to use only one format (JRD) though.

-- Christian

> What means for authenticating a client against its home web app do
> you envision?
>
> regards, Torsten.
>
> On 10.08.2010 at 21:31, Eve Maler <e...@xmlgrrl.com> wrote:
>
>> Folks-- The UMA group has produced the following I-D as input to
>> the OAuth discovery/registration/binding discussion.
>> We wanted to set forth our requirements (knowing that there may be
>> other requirements from the wider community) and propose some
>> solutions that meet them. If further discussion seems to warrant an
>> updating of this draft, we're happy to do that. (If you have
>> interest in getting involved in UMA-specific work, feel free to
>> drop me a note.)
>>
>> Eve
>>
>> http://www.ietf.org/id/draft-oauth-dyn-reg-v1-00.txt
>>
>> Begin forwarded message:
>>
>>> From: IETF I-D Submission Tool <idsubmiss...@ietf.org>
>>> Date: 10 August 2010 12:23:59 PM PDT
>>> To: e...@xmlgrrl.com
>>> Cc: c...@comlounge.net, m.p.machu...@ncl.ac.uk
>>> Subject: New Version Notification for draft-oauth-dyn-reg-v1-00
>>>
>>> A new version of I-D, draft-oauth-dyn-reg-v1-00.txt has been
>>> successfully submitted by Eve Maler and posted to the IETF
>>> repository.
>>>
>>> Filename: draft-oauth-dyn-reg-v1
>>> Revision: 00
>>> Title: OAuth Dynamic Client Registration Protocol
>>> Creation_date: 2010-08-10
>>> WG ID: Independent Submission
>>> Number_of_pages: 20
>>>
>>> Abstract: This specification proposes an OAuth Dynamic Client
>>> Registration protocol.
>>>
>>> The IETF Secretariat.
>>
>> Eve Maler
>> http://www.xmlgrrl.com/blog
>> http://www.twitter.com/xmlgrrl
>> http://www.linkedin.com/in/evemaler
>>
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth

--
Christian Scholz                 Homepage: http://comlounge.net
COM.lounge GmbH                  http://mrtopf.de/blog
Hanbrucher Str. 33               http://twitter.com/mrtopf
52064 Aachen                     Skype: HerrTopf
Tel: +49 241 400 730 0           c...@comlounge.net
Fax: +49 241 979 00 850          IRC: MrTopf

Podcasts:
Der OpenWeb-Podcast (http://openwebpodcast.de)
Data Without Borders (http://datawithoutborders.net)

Politics: http://politfunk.de/
Technical: http://comlounge.tv/