But why these scopes? On Sun, Apr 2, 2023 at 9:37 PM Clinton Bunch <cdb_i...@zentaur.org> wrote:
> > > On 4/2/2023 2:26 PM, Warren Parad wrote: > > Sorry, I'm asking why these scopes at all? I personally have never seen > any of them used ever (and I'm not being hyperbolic), How did you come up > with these suggestions? > > The naming seemed logical given the IANA URI namespace. I was looking for > something that would be a common set of scopes for this application domain > that wasn't tied to a single vendor. > > The purpose *could* be served by widespread adoption of Google's scopes > such as > > https://www.googleapis.com/auth/calendar > > but I believe that the reliance on a specific vendor name would hamper > wide-spread adoption, so a namespace defined by a neutral party such as > IETF seemed best. > > On Sun, Apr 2, 2023 at 8:46 PM Clinton Bunch <cdb_i...@zentaur.org> wrote: > >> On 4/2/2023 1:34 PM, Warren Parad wrote: >> >> I propose a set of nine well-known scopes >> >> >> Can you elaborate on what you mean by "well-known"? Is there some >> canonical list, where these were pulled from? >> >> I was trying to avoid the use of standard, as that implies they must be >> used. To encourage adoption, I didn't want to imply that the large >> providers would be required to change their software to accommodate these, >> though it would be nice if they did. These scopes are not currently in use >> as far as I know. >> >> The sense of well-known is that once this was published they would be >> well-known scopes that could be implemented with well-defined semantics. >> >> >> - Warren >> >> On Sun, Apr 2, 2023 at 8:12 PM Clinton Bunch <cdb_i...@zentaur.org> >> wrote: >> >>> This seemed the most appropriate working group to post this suggestion. >>> >>> I would like to see a new Internet-Draft/RFC to add some well-known >>> scopes to the IANA registry to promote adoption of Oauth in Groupware >>> domains. I will try to write it myself, but have no experience with >>> I-Ds or as a technical writer and could use some help. >>> >>> Since the publication of RFC 7628 there is a push to migrate groupware >>> servers to use Oauth2. This is hampered by the fact that there are >>> several different server implementations and client implementations are >>> often written by different organizations with little overlap. One of >>> the barriers to widespread adoption is that each authorization server >>> has a different set of scopes to cover the necessary user >>> authorizations. One groupware client I know has only a few Auth Servers >>> available that are hardcoded and nearly every one has a different set of >>> scopes. Servers have to have appropriate scopes configured by the >>> administrator in order for the server to know which scopes to check. It >>> also makes it hard for clients to know which scopes to request without >>> some sort of configuration file provided by the domain or worse, having >>> the user enter the appropriate scopes by hand. The latter especially >>> seems like a support headache for the admin of the groupware servers. >>> >>> I propose a set of nine well-known scopes be added to the Oauth URI IANA >>> registry to address this. >>> >>> urn:ietf:params:oauth:scope:mail:read - Authorization to read >>> email (IMAP,POP) >>> urn:ietf:params:oauth:scope:mail:send - Authorization to send >>> mail on the user's behalf (SMTP) >>> urn:ietf:params:oauth:scope:mail - Combination of the >>> previous two scopes >>> urn:ietf:params:oauth:scope:calendar:read - Authorization to read >>> calendar entries >>> urn:ietf:params:oauth:scope:calendar:update - Authorization to >>> update/create/delete calendar entries >>> urn:ietf:params:oauth:scope:calendar - Combination of the >>> previous two scopes >>> urn:ietf:params:oauth:scope:contacts:read - Authorization to read >>> contacts information >>> urn:ietf:params:oauth:scope:contacts:update - Authorization to >>> update/create/delete contact information. >>> urn:ietf:params:oauth:scope:contacts - Combination of the >>> previous two scopes >>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >>> >> >> >
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
