Re: [regext] draft-ietf-regext-rdap-openid Post IETF-115

Wed, 16 Nov 2022 06:45:11 -0800 

Hi Scott,

Il 16/11/2022 14:37, Hollenbeck, Scott ha scritto:

-----Original Message-----
From: Mario Loffredo <mario.loffr...@iit.cnr.it>
Sent: Wednesday, November 16, 2022 2:31 AM
To: Hollenbeck, Scott <shollenb...@verisign.com>;
marc.blanc...@viagenie.ca; kowa...@denic.de
Cc: regext@ietf.org
Subject: [EXTERNAL] Re: [regext] draft-ietf-regext-rdap-openid Post IETF-115

[SAH] [snip]


Why wouldn't it be OpenID? On the contrary, I would say (as a matter of fact
have always said) that it's the classic OpenID scheme where the RDAP server
acts only as a Resource Server and the RDAP client as a Relying Party.

We all know that OpenID is built on top of OAuth, hence it's absolutely
normal
to talk about OAuth flow between the RDAP client and the RDAP server because
the authentication services are requested by the client before submitting
any
request to the server. At that stage of OpenID flow, authentication is over
and
only the authorization services (i.e the OAuth flow) are needed.

Up to now, in order to address the use case of browser operating as RDAP
clients, we have forcefully requested the RDAP server to play two roles,
namely
RS and RP, but it's unusual in the OpenID context.

In addition, the UserInfo endpoint (that the RDAP server can always
access) has been introduced by OpenID.

[SAH] My point was that "pure OAuth" doesn't include the identification and
authentication functions provided by OpenID Connect. Pawel's reply made it
clear that "pure OAuth" was being described in the context of the exchange
between the RDAP client and the RDAP server, with the client taking on the
responsibility of doing the identification/authentication steps with an OP.
That might work.
Doesn't seem to me that I substantially wrote something different from Pawel's reply. 

Surely I didn't make myself clear enough.


Mario


Scott


--
Dott. Mario Loffredo
Technological Unit “Digital Innovation”
Institute of Informatics and Telematics (IIT)
National Research Council (CNR)
via G. Moruzzi 1, I-56124 PISA, Italy
Phone: +39.0503153497
Web: http://www.iit.cnr.it/mario.loffredo

_______________________________________________
regext mailing list
regext@ietf.org
https://www.ietf.org/mailman/listinfo/regext

Reply via email to