On 4/2/2023 1:34 PM, Warren Parad wrote:
I propose a set of nine well-known scopes

Can you elaborate on what you mean by "well-known"? Is there some
canonical list, where these were pulled from?

I was trying to avoid the use of standard, as that implies they must be
used. To encourage adoption, I didn't want to imply that the large
providers would be required to change their software to accommodate
these, though it would be nice if they did. These scopes are not
currently in use as far as I know.

The sense of well-known is that once this was published, they would be
well-known scopes that could be implemented with well-defined semantics.

- Warren
On Sun, Apr 2, 2023 at 8:12 PM Clinton Bunch <cdb_i...@zentaur.org> wrote:
This seemed the most appropriate working group to post this suggestion.

I would like to see a new Internet-Draft/RFC to add some well-known
scopes to the IANA registry to promote adoption of OAuth in Groupware
domains. I will try to write it myself, but have no experience with
I-Ds or as a technical writer and could use some help.

Since the publication of RFC 7628 there is a push to migrate groupware
servers to use OAuth2. This is hampered by the fact that there are
several different server implementations and client implementations are
often written by different organizations with little overlap. One of
the barriers to widespread adoption is that each authorization server
has a different set of scopes to cover the necessary user
authorizations. One groupware client I know has only a few Auth Servers
available that are hardcoded and nearly every one has a different set of
scopes. Servers have to have appropriate scopes configured by the
administrator in order for the server to know which scopes to check. It
also makes it hard for clients to know which scopes to request without
some sort of configuration file provided by the domain or worse, having
the user enter the appropriate scopes by hand. The latter especially
seems like a support headache for the admin of the groupware servers.

I propose a set of nine well-known scopes be added to the OAuth URI IANA
registry to address this.

urn:ietf:params:oauth:scope:mail:read - Authorization to read email (IMAP, POP)
urn:ietf:params:oauth:scope:mail:send - Authorization to send mail on the user's behalf (SMTP)
urn:ietf:params:oauth:scope:mail - Combination of the previous two scopes
urn:ietf:params:oauth:scope:calendar:read - Authorization to read calendar entries
urn:ietf:params:oauth:scope:calendar:update - Authorization to update/create/delete calendar entries
urn:ietf:params:oauth:scope:calendar - Combination of the previous two scopes
urn:ietf:params:oauth:scope:contacts:read - Authorization to read contacts information
urn:ietf:params:oauth:scope:contacts:update - Authorization to update/create/delete contact information
urn:ietf:params:oauth:scope:contacts - Combination of the previous two scopes
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
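
The following is an added example, not part of any message in this thread and not taken from a published draft: a sketch of how a resource server could check the nine proposed scopes, expanding each combination scope into the two it stands for and matching values exactly. The operation names and the choice that update does not imply read are assumptions; the post specifies neither.

```python
# Added illustration; not code from the thread or from any published draft.
PREFIX = "urn:ietf:params:oauth:scope:"
AREAS = ("mail", "calendar", "contacts")

def _leaves(area):
    # mail splits into read/send; calendar and contacts into read/update.
    second = "send" if area == "mail" else "update"
    return {f"{PREFIX}{area}:read", f"{PREFIX}{area}:{second}"}

# Each combination scope maps to the two scopes it stands for.
COMBINED = {PREFIX + a: _leaves(a) for a in AREAS}
LEAF = set().union(*COMBINED.values())

# Assumption: operation names are hypothetical. The post ties IMAP/POP to
# mail:read and SMTP to mail:send; it names no protocol for the others.
REQUIRED = {
    "imap": PREFIX + "mail:read",
    "pop": PREFIX + "mail:read",
    "smtp": PREFIX + "mail:send",
    "calendar-read": PREFIX + "calendar:read",
    "calendar-update": PREFIX + "calendar:update",
    "contacts-read": PREFIX + "contacts:read",
    "contacts-update": PREFIX + "contacts:update",
}

def effective_scopes(scope_param):
    """Expand a space-delimited scope string into the leaf scopes it grants.

    Matching is exact and case-sensitive; unrecognised values grant nothing.
    """
    granted = set()
    for value in scope_param.split():
        if value in LEAF:
            granted.add(value)
        else:
            granted |= COMBINED.get(value, set())
    return granted

def is_authorized(scope_param, operation):
    """True only if the token's scopes cover the leaf scope the operation needs."""
    required = REQUIRED.get(operation)
    return required is not None and required in effective_scopes(scope_param)

if __name__ == "__main__":
    token_scope = PREFIX + "mail " + PREFIX + "calendar:read"  # constructed sample
    for op in ("imap", "smtp", "calendar-read", "calendar-update"):
        print(op, is_authorized(token_scope, op))
```

Exact matching matters here because the combination scope is a string prefix of its two parts; a prefix or substring comparison would let `mail:read` satisfy a check for `mail`.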