As I said at the start of the thread: I want to add OAUTH support to the datatracker.
From: Dick Hardt <dick.ha...@gmail.com> Date: Sunday, August 18, 2019 at 4:47 PM To: Rich Salz <rs...@akamai.com> Cc: Hans Zandbelt <hans.zandb...@zmartzone.eu>, John Bradley <ve7...@ve7jtb.com>, "oauth@ietf.org" <oauth@ietf.org> Subject: Re: [OAUTH-WG] Info on how to implement a server What is the goal? On Sun, Aug 18, 2019 at 12:41 PM Salz, Rich <rs...@akamai.com<mailto:rs...@akamai.com>> wrote: Thanks for the links, folks. I’m aware, and sorry for my sloppy terminology. Imagine a service where anyone with a valid identity is authorized. There are many of these on the net. Collapsing authentication to authorization (“everyone authenticated is authorized”) seems not unreasonable. But I don’t want to get distracted from my main goal. Thanks. From: Hans Zandbelt <hans.zandb...@zmartzone.eu<mailto:hans.zandb...@zmartzone.eu>> Date: Saturday, August 17, 2019 at 2:34 PM To: John Bradley <ve7...@ve7jtb.com<mailto:ve7...@ve7jtb.com>> Cc: "oauth@ietf.org<mailto:oauth@ietf.org>" <oauth@ietf.org<mailto:oauth@ietf.org>> Subject: Re: [OAUTH-WG] Info on how to implement a server indeed OAuth != identity see https://oauth.net/articles/authentication/<https://urldefense.proofpoint.com/v2/url?u=https-3A__oauth.net_articles_authentication_&d=DwMFaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=QNNK_MY9rFkxOH8kTY5Lb9XzaocnzqHfE2Qy1s1rKIQ&s=S3hNRZN-F73VNr2ls-yKN4bJPSuH4w92SmFc1PAvi4M&e=> Hans. On Sat, Aug 17, 2019 at 8:31 PM John Bradley <ve7...@ve7jtb.com<mailto:ve7...@ve7jtb.com>> wrote: The openID Connect kind of OAuth server. OAuth on its own is not designed to be secure for identity federation. John B. On 8/17/2019 1:23 PM, Salz, Rich wrote: What’s the WG consensus (heh) on the best guide to adding OAUTH support to an existing server so that it can act as an identity provider? Which version of oauth is most widely deployed by relying parties these days? I want to add OAUTH support to the IETF datatracker. Thanks for any pointers. Replies to me will be summarized for the list. /r$ _______________________________________________ OAuth mailing list OAuth@ietf.org<mailto:OAuth@ietf.org> https://www.ietf.org/mailman/listinfo/oauth<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_oauth&d=DwMFaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=QNNK_MY9rFkxOH8kTY5Lb9XzaocnzqHfE2Qy1s1rKIQ&s=mYG4MvYj3IpSidDiigZr4NtmXiZ4uzpxrFAGd2WtoFM&e=> _______________________________________________ OAuth mailing list OAuth@ietf.org<mailto:OAuth@ietf.org> https://www.ietf.org/mailman/listinfo/oauth<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_oauth&d=DwMFaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=QNNK_MY9rFkxOH8kTY5Lb9XzaocnzqHfE2Qy1s1rKIQ&s=mYG4MvYj3IpSidDiigZr4NtmXiZ4uzpxrFAGd2WtoFM&e=> -- hans.zandb...@zmartzone.eu<mailto:hans.zandb...@zmartzone.eu> ZmartZone IAM - www.zmartzone.eu<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.zmartzone.eu&d=DwMFaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=QNNK_MY9rFkxOH8kTY5Lb9XzaocnzqHfE2Qy1s1rKIQ&s=rdGZncYUqvlwcXI7_GGrc5Niii46pDWHdpVklsb0Ijg&e=> _______________________________________________ OAuth mailing list OAuth@ietf.org<mailto:OAuth@ietf.org> https://www.ietf.org/mailman/listinfo/oauth<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_oauth&d=DwMFaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=Un8tdGinIVpAqStU4GTgZWwQjRL7tMLUWFLfG5Hciv8&s=rL3JkU3byB6rcZdglzIdfzLMChWwgTRubGUYwiDl_k8&e=>
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
