ge Fletcher
> *Sent:* Monday, January 28, 2019 10:05 AM
> *To:* Brian Campbell
> *Cc:* oauth@ietf.org; Vittorio Bertocci
> *Subject:* Re: [OAUTH-WG] Shepherd write-up for
> draft-ietf-oauth-resource-indicators-01
>
>
>
> +1
>
> I came to a similar conclusion over the w
, January 28, 2019 10:05 AM
To: Brian Campbell
Cc: oauth@ietf.org; Vittorio Bertocci
Subject: Re: [OAUTH-WG] Shepherd write-up for
draft-ietf-oauth-resource-indicators-01
+1
I came to a similar conclusion over the weekend. If
https://api.example.com/mail is an allowed location URI, how is it
>> -- Mike
>>
>>
>>
>> *From:* Rifaat Shekh-Yusef
>> *Sent:* Thursday, January 24, 2019 12:46 PM
>> *To:* George Fletcher
>> *Cc:* Vittorio Bertocci ; Mike Jones <
>> michael.jo...@mic
, January 24, 2019 12:46 PM
> *To:* George Fletcher
> *Cc:* Vittorio Bertocci ; Mike Jones <
> michael.jo...@microsoft.com>; oauth@ietf.org
> *Subject:* Re: [OAUTH-WG] Shepherd write-up for
> draft-ietf-oauth-resource-indicators-01
>
>
>
> All,
>
>
>
> This comi
: Rifaat Shekh-Yusef
Sent: Thursday, January 24, 2019 12:46 PM
To: George Fletcher
Cc: Vittorio Bertocci ; Mike Jones
; oauth@ietf.org
Subject: Re: [OAUTH-WG] Shepherd write-up for
draft-ietf-oauth-resource-indicators-01
All,
This coming Monday, Jan 28 @ 12:00pm Eastern Time, we have a scheduled
>
> *From:* OAuth *On Behalf Of * John Bradley
> *Sent:* Wednesday, January 23, 2019 10:56 AM
> *To:* oauth@ietf.org
> *Subject:* Re: [OAUTH-WG] Shepherd write-up for
> draft-ietf-oauth-resource-indicators-01
>
>
>
> I don't think they are necessarily mutually ex
On Behalf Of John Bradley
Sent: Wednesday, January 23, 2019 10:56 AM
To: oauth@ietf.org
Subject: Re: [OAUTH-WG] Shepherd write-up for
draft-ietf-oauth-resource-indicators-01
I don't think they are necessarily mutually exclusive, that is why I think
there is value in allowing them to be spec
create confusion and ultimately
>>>>>> not be as useful to the developer community as it could be.
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Sat, Jan 19, 2019 at 12:38 Phil Hunt wrote:
>>
.
-- Mike
From: OAuth On Behalf Of Rifaat Shekh-Yusef
Sent: Monday, January 21, 2019 5:36 PM
To: Vittorio Bertocci
Cc: Brian Campbell ; IETF oauth WG
Subject: Re: [OAUTH-WG] Shepherd write-up for
draft-ietf-oauth-resource-indicators-01
Thank you guys!
On Monday
>>>>>> +1 to Mike and John’s comments.
>>>>>>
>>>>>> Phil
>>>>>>
>>>>>> On Jan 19, 2019, at 12:34 PM, Mike Jones >>>>> c...@dmarc.ietf.org> wrote:
>>>>>>
>>>
<
>>>>> Michael.Jones=40microsoft@dmarc.ietf.org> wrote:
>>>>>
>>>>> I also agree that “resource” should be a specific network-addressable
>>>>> URL whereas a separate audience parameter (like “aud” in JWTs) can refer
>>>>>
s..
>>>>
>>>>
>>>>
>>>> Note that the ACE WG is proposing to register a logical audience
>>>> parameter “req_aud” in
>>>> https://tools.ietf.org/html/draft-ietf-ace-oauth-params-01 - partly
>>>> based on feedback from OAuth
logical audience
>>> parameter “req_aud” in
>>> https://tools.ietf.org/html/draft-ietf-ace-oauth-params-01 - partly
>>> based on feedback from OAuth WG members. This is a general OAuth
>>> parameter, which any OAuth deployment will be able to use.
>>>
>
based on feedback from OAuth WG members. This is a general OAuth
>>> parameter, which any OAuth deployment will be able to use.
>>>
>>>
>>>
>>> I therefore believe that no changes are needed to
>>> draft-ietf-oauth-resource-indicators, as the lo
1 - partly
>> based on feedback from OAuth WG members. This is a general OAuth
>> parameter, which any OAuth deployment will be able to use.
>>
>>
>>
>> I therefore believe that no changes are needed to
>> draft-ietf-oauth-resource-indicators, as the logical audience work is
>> already happening in another draft
dmarc.ietf.org>>; IETF oauth WG
mailto:oauth@ietf.org>>
*Subject:* Re: [OAUTH-WG] Shepherd write-up for
draft-ietf-oauth-resource-indicators-01
We need to decide if we want to make a change.
For security we are location centric.
I prefer to keep resource location s
OAuth *On Behalf Of * John Bradley
> *Sent:* Saturday, January 19, 2019 9:01 AM
> *To:* Brian Campbell
> *Cc:* Vittorio Bertocci ; IETF oauth
> WG
> *Subject:* Re: [OAUTH-WG] Shepherd write-up for
> draft-ietf-oauth-resource-indicators-01
>
>
>
> We need to decide
-- Mike
>
> From: OAuth On Behalf Of John Bradley
> Sent: Saturday, January 19, 2019 9:01 AM
> To: Brian Campbell
> Cc: Vittorio Bertocci ; IETF oauth WG
>
> Subject: Re: [OAUTH-WG] Shepherd write-up for
> draft-ietf-oauth-resource-indicators-01
>
> We
ietf.org>>
Date: Friday, January 18, 2019 at 5:47 AM
To: John Bradley mailto:ve7...@ve7jtb.com>>
Cc: IETF oauth WG mailto:oauth@ietf.org>>
Subject: Re: [OAUTH-WG] Shepherd write-up for
draft-ietf-oauth-resource-indicators-01
Thanks John for the background.
I agree that from the client val
ing scopes to
>>>>> define permissions to the resource.
>>>>>
>>>>> Fortunately, we are using a different parameter name so not stepping
>>>>> on that..
>>>>>
>>>>> We could go back and try to add text explaining t
>>
>>>> We could go back and try to add text explaining the difference, but we
>>>> are quite late in the process.
>>>>
>>>> I agree that a logical resource parameter may be helpful, but perhaps
>>>> it should be a separate draft.
>
>>> On Fri, Jan 18, 2019 at 4:38 PM Richard Backman, Annabelle <
>>> richa...@amazon.com> wrote:
>>>
>>>> Doesn’t the “scope” parameter already provide a means of specifying a
>>>> logical identifier?
>>>>
>>>>
>
>>> --
>>>
>>> Annabelle Richard Backman
>>>
>>> AWS Identity
>>>
>>>
>>>
>>>
>>>
>>> *From: *OAuth on behalf of Vittorio Bertocci
>>>
>>> *Date: *Friday, January 18, 2019 at 5:47
>> *From: *OAuth on behalf of Vittorio Bertocci
>>
>> *Date: *Friday, January 18, 2019 at 5:47 AM
>> *To: *John Bradley
>> *Cc: *IETF oauth WG
>> *Subject: *Re: [OAUTH-WG] Shepherd write-up for
>> draft-ietf-oauth-resource-indicators-01
>>
>>
>
occi
>
> *Date: *Friday, January 18, 2019 at 5:47 AM
> *To: *John Bradley
> *Cc: *IETF oauth WG
> *Subject: *Re: [OAUTH-WG] Shepherd write-up for
> draft-ietf-oauth-resource-indicators-01
>
>
>
> Thanks John for the background.
>
> I agree that from the client vali
write-up for
draft-ietf-oauth-resource-indicators-01
Thanks John for the background.
I agree that from the client validation PoV, having an identifier corresponding
to a location makes things more solid.
That said: the use of logical identifiers is widespread, as it has significant
practical
Thanks John for the background.
I agree that from the client validation PoV, having an identifier
corresponding to a location makes things more solid.
That said: the use of logical identifiers is widespread, as it has
significant practical advantages (think of services that assign generated
hosting
We have discussed this.
Audiences can certainly be logical identifiers.
This however is a more specific location. The AS is free to map the
location into some abstract audience in the AT.
From a security point of view once the client starts asking for logical
resources it can be tricked int
Hi Vittorio,
The text you quoted is copied from the abstract of the draft itself.
*Authors,*
Should the draft be updated to cover the logical identifier case?
Regards,
Rifaat
On Thu, Jan 17, 2019 at 8:19 AM Vittorio Bertocci
wrote:
> Hi Rifaat,
> one detail. The tech summary says
>
> An e
Hi Rifaat,
one detail. The tech summary says
An extension to the OAuth 2.0 Authorization Framework defining request
parameters that enable a client to explicitly signal to an authorization server
about the *location* of the protected resource(s) to which it is requesting
access.
But at least in t
Thanks Filip!
I will update the write-up accordingly.
Regards,
Rifaat
On Wed, Jan 16, 2019 at 4:51 PM Filip Skokan wrote:
> Hello Rifaat,
>
> The Auth0 link points to a different implementation. Here are two correct
> entries replacing the one you wrote down.
>
> So
>
> * Auth0 has an imple
Hello Rifaat,
The Auth0 link points to a different implementation. Here are two correct
entries replacing the one you wrote down.
So
* Auth0 has an implementation but with a different parameter name
("audience"):
https://auth0.com/docs/api/authentication#authorize-application
* Node.JS Open So
All,
The following is the first shepherd write-up for
the draft-ietf-oauth-resource-indicators-01 document.
https://datatracker.ietf.org/doc/draft-ietf-oauth-resource-indicators/shepherdwriteup/
Please, take a look and let me know if I missed anything.
Regards,
Rifaat