Thanks for the clarification, Nicolas. This makes sense to me and thanks for implementing the RAR spec.
Ciao Hannes -----Original Message----- From: Nicolas Mora <nico...@babelouest.org> Sent: Wednesday, May 4, 2022 10:07 PM To: Hannes Tschofenig <hannes.tschofe...@arm.com>; oauth@ietf.org Subject: Re: [OAUTH-WG] OAuth 2.0 Rich Authorization Requests (RAR): Implementation Status Hello, Sorry for the vague description. By generic way I mean that it has not been implemented for a specific need, so I tried to be as agnostic as possible, to avoid complication for me or the admin who would use it. Basically, in the RAR configuration, you declare what types are expected, for each type what scopes are attached, and what allowed locations, actions, datatypes, auth details or privileges. Then based on this configuration, which is supposed to be known by the clients, the clients build their auth request as they want. But the implementation wasn't designed with a specific use case, that's why I call it 'generic' /Nicolas Le 2022-05-04 à 11 h 51, Hannes Tschofenig a écrit : > Hi Nicolas, > > Thanks for the response. > > I am not sure whether I understand your response correctly. You said that > Glewlwyd supports RAR in a generic way. > What does the "not to support an existing implementation" mean? > > Ciao > Hannes > > -----Original Message----- > From: OAuth <oauth-boun...@ietf.org> On Behalf Of Nicolas Mora > Sent: Monday, April 11, 2022 3:12 AM > To: oauth@ietf.org > Subject: Re: [OAUTH-WG] OAuth 2.0 Rich Authorization Requests (RAR): > Implementation Status > > Hello Hannes, > > Glewlwyd supports rich auth requests, but in a 'generic' way, not to support > an existing implementation. > > https://babelouest.io/glewlwyd/ > > /Nicolas > > Le 2022-04-06 à 09 h 46, Hannes Tschofenig a écrit : >> Hi all, >> >> I am working on the shepherd writeup for the RAR document and the >> IESG is interested to hear about the implementation status of this >> specification. >> >> What implementations are available that use the RAR functionality or >> are vendors planning to implement this specification? >> >> Ciao >> >> Hannes >> >> IMPORTANT NOTICE: The contents of this email and any attachments are >> confidential and may also be privileged. If you are not the intended >> recipient, please notify the sender immediately and do not disclose >> the contents to any other person, use it for any purpose, or store or >> copy the information in any medium. Thank you. >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
