From stpeter@stpeter.im Mon Jun 1 07:43:35 2009 Return-Path: X-Original-To: oauth@core3.amsl.com Delivered-To: oauth@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 186323A6BBE for ; Mon, 1 Jun 2009 07:43:35 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u4Y2bkC9eVEf for ; Mon, 1 Jun 2009 07:43:34 -0700 (PDT) Received: from mailhost.dizzyd.com (dizzyd.com [207.210.219.225]) by core3.amsl.com (Postfix) with ESMTP id 384AB3A69B2 for ; Mon, 1 Jun 2009 07:43:34 -0700 (PDT) Received: from squire.local (dsl-240-1.dynamic-dsl.frii.net [216.17.240.1]) (Authenticated sender: stpeter) by mailhost.dizzyd.com (Postfix) with ESMTPSA id D1E3140C4F for ; Mon, 1 Jun 2009 08:43:31 -0600 (MDT) Message-ID: <4A23E912.8040803@stpeter.im> Date: Mon, 01 Jun 2009 08:43:30 -0600 From: Peter Saint-Andre User-Agent: Thunderbird 2.0.0.21 (Macintosh/20090302) MIME-Version: 1.0 To: oauth@ietf.org X-Enigmail-Version: 0.95.7 OpenPGP: url=http://www.saint-andre.com/me/stpeter.asc Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Subject: [OAUTH-WG] subject line X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Jun 2009 14:43:35 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 FYI, I have changed the subject-line prefix on this list from "[oauth]" to "[OAUTH-WG]" in order to eliminate confusion between this IETF list and the existing community list at oauth@googlegroups.com. Please update your mail filters appropriately. Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkoj6RIACgkQNL8k5A2w/vyWMgCfV3hr+D7Hvyb7nIF3masSIWAg USoAoNpCloeQoznwEXiB6sDmoiwbkN04 =HL24 -----END PGP SIGNATURE----- From stpeter@stpeter.im Tue Jun 2 13:17:42 2009 Return-Path: X-Original-To: oauth@core3.amsl.com Delivered-To: oauth@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0C08A3A7062 for ; Tue, 2 Jun 2009 13:17:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yF1ONlyU1Gjx for ; Tue, 2 Jun 2009 13:17:41 -0700 (PDT) Received: from mailhost.dizzyd.com (dizzyd.com [207.210.219.225]) by core3.amsl.com (Postfix) with ESMTP id 2FC9B3A705F for ; Tue, 2 Jun 2009 13:17:41 -0700 (PDT) Received: from dhcp-64-101-72-227.cisco.com (dhcp-64-101-72-227.cisco.com [64.101.72.227]) (Authenticated sender: stpeter) by mailhost.dizzyd.com (Postfix) with ESMTPSA id 4ABAD40C65; Tue, 2 Jun 2009 14:17:42 -0600 (MDT) Message-ID: <4A2588E5.3080509@stpeter.im> Date: Tue, 02 Jun 2009 14:17:41 -0600 From: Peter Saint-Andre User-Agent: Thunderbird 2.0.0.21 (Macintosh/20090302) MIME-Version: 1.0 To: Hubert Le Van Gong References: <4A20457A.1000507@stpeter.im> <6c0fd2bc0905300454p1d5a49f4vda36c57c080fbb53@mail.gmail.com> In-Reply-To: <6c0fd2bc0905300454p1d5a49f4vda36c57c080fbb53@mail.gmail.com> X-Enigmail-Version: 0.95.7 OpenPGP: url=http://www.saint-andre.com/me/stpeter.asc Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: oauth@ietf.org Subject: Re: [OAUTH-WG] [oauth] WG kickoff X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Jun 2009 20:17:42 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 5/30/09 5:54 AM, Hubert Le Van Gong wrote: > +1 on splitting the spec into 2 documents. > Also since we did have consensus that the 2-legged scenario (browser-less?) is > to be considered, it would fit nicely into the doc #2, wouldn't it? So several people are in favor of splitting the spec into two documents. Does anyone else (such as, say, the document editor? :) have an opinion in the matter? Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkoliOUACgkQNL8k5A2w/vy2WwCgrE86dlVfDEJ/eJoGF6C1PUbN drUAniNiEpI9TzF0Va11UaXgdcQB5AL0 =jq5W -----END PGP SIGNATURE----- From Bill.Smith@Sun.COM Tue Jun 2 13:54:20 2009 Return-Path: X-Original-To: oauth@core3.amsl.com Delivered-To: oauth@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3B8EA3A6D98 for ; Tue, 2 Jun 2009 13:54:20 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.046 X-Spam-Level: X-Spam-Status: No, score=-6.046 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_MISMATCH_COM=0.553, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FQx3TBaBdrvB for ; Tue, 2 Jun 2009 13:54:19 -0700 (PDT) Received: from brmea-mail-2.sun.com (brmea-mail-2.Sun.COM [192.18.98.43]) by core3.amsl.com (Postfix) with ESMTP id 426003A6D63 for ; Tue, 2 Jun 2009 13:54:19 -0700 (PDT) Received: from fe-amer-10.sun.com ([192.18.109.80]) by brmea-mail-2.sun.com (8.13.6+Sun/8.12.9) with ESMTP id n52KsJeH006048 for ; Tue, 2 Jun 2009 20:54:19 GMT MIME-version: 1.0 Content-transfer-encoding: 7BIT Content-type: text/plain; CHARSET=US-ASCII; delsp=yes; format=flowed Received: from conversion-daemon.mail-amer.sun.com by mail-amer.sun.com (Sun Java(tm) System Messaging Server 7u2-7.02 64bit (built Apr 16 2009)) id <0KKM00500PKOBH00@mail-amer.sun.com> for oauth@ietf.org; Tue, 02 Jun 2009 14:54:19 -0600 (MDT) Received: from [192.168.1.101] ([unknown] [67.180.129.161]) by mail-amer.sun.com (Sun Java(tm) System Messaging Server 7u2-7.02 64bit (built Apr 16 2009)) with ESMTPSA id <0KKM000KPQ2HJG60@mail-amer.sun.com> for oauth@ietf.org; Tue, 02 Jun 2009 14:54:18 -0600 (MDT) Date: Tue, 02 Jun 2009 13:54:16 -0700 From: Bill Smith In-reply-to: <4A2588E5.3080509@stpeter.im> Sender: Bill.Smith@Sun.COM To: oauth@ietf.org Message-id: <4FB4F73F-75D7-41BF-BB8B-F32B21C3B42F@sun.com> X-Mailer: Apple Mail (2.935.3) References: <4A20457A.1000507@stpeter.im> <6c0fd2bc0905300454p1d5a49f4vda36c57c080fbb53@mail.gmail.com> <4A2588E5.3080509@stpeter.im> Subject: Re: [OAUTH-WG] [oauth] WG kickoff X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Jun 2009 20:54:20 -0000 Split. On Jun 2, 2009, at 1:17 PM, Peter Saint-Andre wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 5/30/09 5:54 AM, Hubert Le Van Gong wrote: >> +1 on splitting the spec into 2 documents. >> Also since we did have consensus that the 2-legged scenario >> (browser-less?) is >> to be considered, it would fit nicely into the doc #2, wouldn't it? > > So several people are in favor of splitting the spec into two > documents. > Does anyone else (such as, say, the document editor? :) have an > opinion > in the matter? > > Peter > > - -- > Peter Saint-Andre > https://stpeter.im/ > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.8 (Darwin) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEARECAAYFAkoliOUACgkQNL8k5A2w/vy2WwCgrE86dlVfDEJ/eJoGF6C1PUbN > drUAniNiEpI9TzF0Va11UaXgdcQB5AL0 > =jq5W > -----END PGP SIGNATURE----- > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth From jpanzer@google.com Tue Jun 2 17:25:19 2009 Return-Path: X-Original-To: oauth@core3.amsl.com Delivered-To: oauth@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CF50E3A6A12 for ; Tue, 2 Jun 2009 17:25:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -101.977 X-Spam-Level: X-Spam-Status: No, score=-101.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8cTGAvKW0ifp for ; Tue, 2 Jun 2009 17:25:19 -0700 (PDT) Received: from smtp-out.google.com (smtp-out.google.com [216.239.45.13]) by core3.amsl.com (Postfix) with ESMTP id 13F753A6931 for ; Tue, 2 Jun 2009 17:25:18 -0700 (PDT) Received: from zps35.corp.google.com (zps35.corp.google.com [172.25.146.35]) by smtp-out.google.com with ESMTP id n530PJUE020570 for ; Tue, 2 Jun 2009 17:25:20 -0700 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=google.com; s=beta; t=1243988720; bh=XW4JXe1oqVICY9V7WxqVoXlZ0gw=; h=DomainKey-Signature:MIME-Version:In-Reply-To:References:Date: Message-ID:Subject:From:To:Cc:Content-Type: Content-Transfer-Encoding:X-System-Of-Record; b=KV3IkX/6dSelYohkep 84iHAoBMahlerGR7y4BUw8xycDWTDXzhrCD6fmpsH+mvTIVhTF/sFYToimmEt4U1EsE w== DomainKey-Signature: a=rsa-sha1; s=beta; d=google.com; c=nofws; q=dns; h=mime-version:in-reply-to:references:date:message-id:subject:from:to: cc:content-type:content-transfer-encoding:x-system-of-record; b=q0OGSVeFsu8psWUcR/u91Ab9pCC6fJmm2Kh6lpMCTXElq8YO0G/649WBNRqnwgnDR GhIdbpInIPPDy1Q9H9+hg== Received: from qw-out-1920.google.com (qwc5.prod.google.com [10.241.193.133]) by zps35.corp.google.com with ESMTP id n530PIuL011981 for ; Tue, 2 Jun 2009 17:25:18 -0700 Received: by qw-out-1920.google.com with SMTP id 5so4697982qwc.60 for ; Tue, 02 Jun 2009 17:25:18 -0700 (PDT) MIME-Version: 1.0 Received: by 10.229.85.11 with SMTP id m11mr202785qcl.96.1243988718001; Tue, 02 Jun 2009 17:25:18 -0700 (PDT) In-Reply-To: <4FB4F73F-75D7-41BF-BB8B-F32B21C3B42F@sun.com> References: <4A20457A.1000507@stpeter.im> <6c0fd2bc0905300454p1d5a49f4vda36c57c080fbb53@mail.gmail.com> <4A2588E5.3080509@stpeter.im> <4FB4F73F-75D7-41BF-BB8B-F32B21C3B42F@sun.com> Date: Tue, 2 Jun 2009 17:25:17 -0700 Message-ID: From: John Panzer To: Bill Smith Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-System-Of-Record: true Cc: oauth@ietf.org Subject: Re: [OAUTH-WG] [oauth] WG kickoff X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Jun 2009 00:25:20 -0000 +1 to splitting. On Tuesday, June 2, 2009, Bill Smith wrote: > Split. > > On Jun 2, 2009, at 1:17 PM, Peter Saint-Andre wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 5/30/09 5:54 AM, Hubert Le Van Gong wrote: > > +1 on splitting the spec into 2 documents. > Also since we did have consensus that the 2-legged scenario (browser-less?) is > to be considered, it would fit nicely into the doc #2, wouldn't it? > > > So several people are in favor of splitting the spec into two documents. > Does anyone else (such as, say, the document editor? :) have an opinion > in the matter? > > Peter > > - -- > Peter Saint-Andre > https://stpeter.im/ > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.8 (Darwin) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEARECAAYFAkoliOUACgkQNL8k5A2w/vy2WwCgrE86dlVfDEJ/eJoGF6C1PUbN > drUAniNiEpI9TzF0Va11UaXgdcQB5AL0 > =jq5W > -----END PGP SIGNATURE----- > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > -- -- John Panzer / Blogger jpanzer@google.com / abstractioneer.org / @jpanzer From eran@hueniverse.com Tue Jun 2 20:11:27 2009 Return-Path: X-Original-To: oauth@core3.amsl.com Delivered-To: oauth@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 332283A688D for ; Tue, 2 Jun 2009 20:11:27 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.598 X-Spam-Level: X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HD6Eaj9-2HkV for ; Tue, 2 Jun 2009 20:11:26 -0700 (PDT) Received: from p3plex1out01.prod.phx3.secureserver.net (p3plex1out01.prod.phx3.secureserver.net [72.167.180.17]) by core3.amsl.com (Postfix) with SMTP id 4E6493A6855 for ; Tue, 2 Jun 2009 20:11:26 -0700 (PDT) Received: (qmail 17546 invoked from network); 3 Jun 2009 03:11:25 -0000 Received: from unknown (HELO smtp.ex1.secureserver.net) (72.167.180.19) by p3plex1out01.prod.phx3.secureserver.net with SMTP; 3 Jun 2009 03:11:24 -0000 Received: from P3PW5EX1MB01.EX1.SECURESERVER.NET ([10.6.135.19]) by P3PW5EX1HT001.EX1.SECURESERVER.NET ([72.167.180.19]) with mapi; Tue, 2 Jun 2009 20:11:24 -0700 From: Eran Hammer-Lahav To: Peter Saint-Andre , Hubert Le Van Gong Date: Tue, 2 Jun 2009 20:11:19 -0700 Thread-Topic: [OAUTH-WG] [oauth] WG kickoff Thread-Index: AcnjvziriN9sZANfToiXCNnOHK2kjAAOb40p Message-ID: In-Reply-To: <4A2588E5.3080509@stpeter.im> Accept-Language: en-US Content-Language: en X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: multipart/alternative; boundary="_000_C64B37E7192B0eranhueniversecom_" MIME-Version: 1.0 Cc: "oauth@ietf.org" Subject: Re: [OAUTH-WG] [oauth] WG kickoff X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Jun 2009 03:11:27 -0000 --_000_C64B37E7192B0eranhueniversecom_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I believe I was the one who originally suggested it :-) Most of the work I put in the last draft was to enable just that. EHL On 6/2/09 1:17 PM, "Peter Saint-Andre" wrote: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 5/30/09 5:54 AM, Hubert Le Van Gong wrote: > +1 on splitting the spec into 2 documents. > Also since we did have consensus that the 2-legged scenario (browser-less= ?) is > to be considered, it would fit nicely into the doc #2, wouldn't it? So several people are in favor of splitting the spec into two documents. Does anyone else (such as, say, the document editor? :) have an opinion in the matter? Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkoliOUACgkQNL8k5A2w/vy2WwCgrE86dlVfDEJ/eJoGF6C1PUbN drUAniNiEpI9TzF0Va11UaXgdcQB5AL0 =3Djq5W -----END PGP SIGNATURE----- _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth --_000_C64B37E7192B0eranhueniversecom_ Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Re: [OAUTH-WG] [oauth] WG kickoff I believe I was the one who originally suggested it :-)

Most of the work I put in the last draft was to enable just that.

EHL


On 6/2/09 1:17 PM, "Peter Saint-Andre" <stpeter@stpeter.im> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 5/30/09 5:54 AM, Hubert Le Van Gong wrote:
> +1 on splitting the spec into 2 documents.
> Also since we did have consensus that the 2-legged scenario (browser-l= ess?) is
> to be considered, it would fit nicely into the doc #2, wouldn't it?
So several people are in favor of splitting the spec into two documents. Does anyone else (such as, say, the document editor? :) have an opinion
in the matter?

Peter

- --
Peter Saint-Andre
https://stpeter.im/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - = http://enigmail.mozdev.org

iEYEARECAAYFAkoliOUACgkQNL8k5A2w/vy2WwCgrE86dlVfDEJ/eJoGF6C1PUbN
drUAniNiEpI9TzF0Va11UaXgdcQB5AL0
=3Djq5W
-----END PGP SIGNATURE-----
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.or= g/mailman/listinfo/oauth

--_000_C64B37E7192B0eranhueniversecom_-- From rbarnes@bbn.com Tue Jun 2 20:24:46 2009 Return-Path: X-Original-To: oauth@core3.amsl.com Delivered-To: oauth@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 163023A69EE for ; Tue, 2 Jun 2009 20:24:46 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jn9DCy9LRD2h for ; Tue, 2 Jun 2009 20:24:45 -0700 (PDT) Received: from mx3.bbn.com (mx3.bbn.com [128.33.1.81]) by core3.amsl.com (Postfix) with ESMTP id 1A8543A67A3 for ; Tue, 2 Jun 2009 20:24:45 -0700 (PDT) Received: from [128.89.254.245] (helo=Richard-Barnes-Laptop.local) by mx3.bbn.com with esmtp (Exim 4.63) (envelope-from ) id 1MBh5n-0004xA-B7; Tue, 02 Jun 2009 23:24:43 -0400 Message-ID: <4A25ECFA.6060201@bbn.com> Date: Tue, 02 Jun 2009 23:24:42 -0400 From: Richard Barnes User-Agent: Thunderbird 2.0.0.21 (Macintosh/20090302) MIME-Version: 1.0 To: Eran Hammer-Lahav References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: "oauth@ietf.org" Subject: Re: [OAUTH-WG] [oauth] WG kickoff X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Jun 2009 03:24:46 -0000 The current draft is a good start, but I think some of Section 4 (the mechanism section) needs to move toward Section 3 (the protocol section). Namely, the logical interactions (who gives what to whom) can be defined in the abstract, as the parameters and computations currently are. Section 4 (or the other draft) would then specify how the data get moved in HTTP. --Richard Eran Hammer-Lahav wrote: > I believe I was the one who originally suggested it :-) > > Most of the work I put in the last draft was to enable just that. > > EHL > > > On 6/2/09 1:17 PM, "Peter Saint-Andre" wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 5/30/09 5:54 AM, Hubert Le Van Gong wrote: >> +1 on splitting the spec into 2 documents. >> Also since we did have consensus that the 2-legged scenario (browser-less?) is >> to be considered, it would fit nicely into the doc #2, wouldn't it? > > So several people are in favor of splitting the spec into two documents. > Does anyone else (such as, say, the document editor? :) have an opinion > in the matter? > > Peter > > - -- > Peter Saint-Andre > https://stpeter.im/ > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.8 (Darwin) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEARECAAYFAkoliOUACgkQNL8k5A2w/vy2WwCgrE86dlVfDEJ/eJoGF6C1PUbN > drUAniNiEpI9TzF0Va11UaXgdcQB5AL0 > =jq5W > -----END PGP SIGNATURE----- > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > > > ------------------------------------------------------------------------ > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth From stpeter@stpeter.im Tue Jun 2 20:31:26 2009 Return-Path: X-Original-To: oauth@core3.amsl.com Delivered-To: oauth@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C879E3A6E33 for ; Tue, 2 Jun 2009 20:31:26 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iZHMiurhCKWa for ; Tue, 2 Jun 2009 20:31:25 -0700 (PDT) Received: from mailhost.dizzyd.com (dizzyd.com [207.210.219.225]) by core3.amsl.com (Postfix) with ESMTP id 0CA543A6AA5 for ; Tue, 2 Jun 2009 20:31:23 -0700 (PDT) Received: from squire.local (dsl-240-1.dynamic-dsl.frii.net [216.17.240.1]) (Authenticated sender: stpeter) by mailhost.dizzyd.com (Postfix) with ESMTPSA id 0797340C6D; Tue, 2 Jun 2009 21:31:21 -0600 (MDT) Message-ID: <4A25EE89.7060903@stpeter.im> Date: Tue, 02 Jun 2009 21:31:21 -0600 From: Peter Saint-Andre User-Agent: Thunderbird 2.0.0.21 (Macintosh/20090302) MIME-Version: 1.0 To: Eran Hammer-Lahav References: In-Reply-To: X-Enigmail-Version: 0.95.7 OpenPGP: url=http://www.saint-andre.com/me/stpeter.asc Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: "oauth@ietf.org" Subject: Re: [OAUTH-WG] [oauth] WG kickoff X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Jun 2009 03:31:26 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/2/09 9:11 PM, Eran Hammer-Lahav wrote: > I believe I was the one who originally suggested it :-) > > Most of the work I put in the last draft was to enable just that. Well, then, I think we're on track. :) Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkol7ogACgkQNL8k5A2w/vz4ogCeKk6uQuzOQuq2HO/G8V/plwpm NUoAoJhdKlQ7l27KwtVYkG0MpQZGbgyF =9SU3 -----END PGP SIGNATURE----- From eran@hueniverse.com Wed Jun 3 09:26:43 2009 Return-Path: X-Original-To: oauth@core3.amsl.com Delivered-To: oauth@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AE4183A6D6E for ; Wed, 3 Jun 2009 09:26:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.001, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EX9QS-9Q6dtQ for ; Wed, 3 Jun 2009 09:26:42 -0700 (PDT) Received: from p3plex1out02.prod.phx3.secureserver.net (p3plex1out02.prod.phx3.secureserver.net [72.167.180.18]) by core3.amsl.com (Postfix) with SMTP id B58DA3A695B for ; Wed, 3 Jun 2009 09:26:41 -0700 (PDT) Received: (qmail 6263 invoked from network); 3 Jun 2009 16:26:26 -0000 Received: from unknown (HELO smtp.ex1.secureserver.net) (72.167.180.19) by p3plex1out02.prod.phx3.secureserver.net with SMTP; 3 Jun 2009 16:26:25 -0000 Received: from P3PW5EX1MB01.EX1.SECURESERVER.NET ([10.6.135.19]) by P3PW5EX1HT001.EX1.SECURESERVER.NET ([72.167.180.19]) with mapi; Wed, 3 Jun 2009 09:26:16 -0700 From: Eran Hammer-Lahav To: "oauth@ietf.org" Date: Wed, 3 Jun 2009 09:26:12 -0700 Thread-Topic: [OAUTH-WG] [oauth] WG kickoff Thread-Index: Acnj+tilz9vkp2g8R3Cqz6A+jRG9hgAbSl5K Message-ID: In-Reply-To: <4A25ECFA.6060201@bbn.com> Accept-Language: en-US Content-Language: en X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [OAUTH-WG] [oauth] WG kickoff X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Jun 2009 16:26:43 -0000 The entire spec is HTTP specific. Section 3 is about signing HTTP requests. Section 4 is about getting tokens via HTTP and a browser. Section 3 answers: How to make authenticated HTTP requests with two sets of credentials? Section 4 answers: Hot to obtain a set of token credentials (currently limited to a single method using a browser)? I am not clear what you think should be moved around but I think we should define the specs in terms of what questions they answer. EHL On 6/2/09 8:24 PM, "Richard Barnes" wrote: > The current draft is a good start, but I think some of Section 4 (the > mechanism section) needs to move toward Section 3 (the protocol section). >=20 > Namely, the logical interactions (who gives what to whom) can be defined > in the abstract, as the parameters and computations currently are. > Section 4 (or the other draft) would then specify how the data get moved > in HTTP. >=20 > --Richard >=20 >=20 >=20 >=20 > Eran Hammer-Lahav wrote: >> I believe I was the one who originally suggested it :-) >>=20 >> Most of the work I put in the last draft was to enable just that. >>=20 >> EHL >>=20 >>=20 >> On 6/2/09 1:17 PM, "Peter Saint-Andre" wrote: >>=20 >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >>=20 >> On 5/30/09 5:54 AM, Hubert Le Van Gong wrote: >>> +1 on splitting the spec into 2 documents. >>> Also since we did have consensus that the 2-legged scenario (browser-le= ss?) >>> is >>> to be considered, it would fit nicely into the doc #2, wouldn't it? >>=20 >> So several people are in favor of splitting the spec into two documents. >> Does anyone else (such as, say, the document editor? :) have an opinion >> in the matter? >>=20 >> Peter >>=20 >> - -- >> Peter Saint-Andre >> https://stpeter.im/ >>=20 >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.8 (Darwin) >> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org >>=20 >> iEYEARECAAYFAkoliOUACgkQNL8k5A2w/vy2WwCgrE86dlVfDEJ/eJoGF6C1PUbN >> drUAniNiEpI9TzF0Va11UaXgdcQB5AL0 >> =3Djq5W >> -----END PGP SIGNATURE----- >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >>=20 >>=20 >>=20 >>=20 >> ------------------------------------------------------------------------ >>=20 >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >=20 From trac@tools.ietf.org Thu Jun 18 09:03:04 2009 Return-Path: X-Original-To: oauth@core3.amsl.com Delivered-To: oauth@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 36DC828C441 for ; Thu, 18 Jun 2009 09:03:04 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.581 X-Spam-Level: X-Spam-Status: No, score=-102.581 tagged_above=-999 required=5 tests=[AWL=0.020, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PPjwgf4O4P0r for ; Thu, 18 Jun 2009 09:03:03 -0700 (PDT) Received: from zinfandel.tools.ietf.org (zinfandel.tools.ietf.org [IPv6:2001:1890:1112:1:214:22ff:fe1f:1e54]) by core3.amsl.com (Postfix) with ESMTP id 97BED28C43C for ; Thu, 18 Jun 2009 09:03:03 -0700 (PDT) Received: from localhost ([::1] helo=zinfandel.tools.ietf.org) by zinfandel.tools.ietf.org with esmtp (Exim 4.69) (envelope-from ) id 1MHK56-0006yl-5E; Thu, 18 Jun 2009 09:03:16 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="ascii" Content-Transfer-Encoding: 7bit From: "oauth issue tracker" X-Trac-Version: 0.11.1 Precedence: bulk Auto-Submitted: auto-generated X-Mailer: Trac 0.11.1, by Edgewall Software To: stpeter@stpeter.im X-Trac-Project: oauth Date: Thu, 18 Jun 2009 16:03:16 -0000 X-URL: http://tools.ietf.org/oauth/ X-Trac-Ticket-URL: http://trac.tools.ietf.org/wg/oauth/trac/ticket/1 Message-ID: <058.e713ae6557cb39775b60a8c81073c3ab@tools.ietf.org> X-Trac-Ticket-ID: 1 X-SA-Exim-Connect-IP: ::1 X-SA-Exim-Rcpt-To: stpeter@stpeter.im, oauth@ietf.org X-SA-Exim-Mail-From: trac@tools.ietf.org X-SA-Exim-Scanned: No (on zinfandel.tools.ietf.org); SAEximRunCond expanded to false X-Mailman-Approved-At: Thu, 18 Jun 2009 09:03:58 -0700 Cc: oauth@ietf.org Subject: [OAUTH-WG] [oauth] #1: Split core spec into two documents X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.9 Reply-To: trac@localhost.amsl.com List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Jun 2009 16:03:04 -0000 #1: Split core spec into two documents -------------------------------+-------------------------------------------- Reporter: stpeter@stpeter.im | Owner: Eran Hammer-Lahav Type: task | Status: new Priority: major | Milestone: milestone1 Version: | Severity: Active WG Document Keywords: | -------------------------------+-------------------------------------------- Per list consensus, split the core spec into two documents: 1. The format and protocol for authentication requests as in Section 3 of draft-hammer-oauth-02 2. The authorization workflow (or workflows) as in Section 4 of draft-hammer-oauth-02 -- Ticket URL: oauth From stpeter@stpeter.im Thu Jun 18 10:14:31 2009 Return-Path: X-Original-To: oauth@core3.amsl.com Delivered-To: oauth@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5047E3A688A for ; Thu, 18 Jun 2009 10:14:31 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.424 X-Spam-Level: X-Spam-Status: No, score=-2.424 tagged_above=-999 required=5 tests=[AWL=0.175, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yDQGbdIGfccO for ; Thu, 18 Jun 2009 10:14:30 -0700 (PDT) Received: from stpeter.im (stpeter.im [207.210.219.233]) by core3.amsl.com (Postfix) with ESMTP id 55B3A3A6B19 for ; Thu, 18 Jun 2009 10:14:30 -0700 (PDT) Received: from squire.local (dsl-205-141.dynamic-dsl.frii.net [216.17.205.141]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 15A2F40D02 for ; Thu, 18 Jun 2009 11:14:29 -0600 (MDT) Message-ID: <4A3A75EC.3090501@stpeter.im> Date: Thu, 18 Jun 2009 11:14:20 -0600 From: Peter Saint-Andre User-Agent: Thunderbird 2.0.0.21 (Macintosh/20090302) MIME-Version: 1.0 To: "oauth@ietf.org" References: <058.e713ae6557cb39775b60a8c81073c3ab@tools.ietf.org> In-Reply-To: <058.e713ae6557cb39775b60a8c81073c3ab@tools.ietf.org> X-Enigmail-Version: 0.95.7 OpenPGP: url=http://www.saint-andre.com/me/stpeter.asc Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Subject: Re: [OAUTH-WG] [oauth] #1: Split core spec into two documents X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Jun 2009 17:14:31 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/18/09 10:03 AM, oauth issue tracker wrote: > #1: Split core spec into two documents > -------------------------------+-------------------------------------------- > Reporter: stpeter@stpeter.im | Owner: Eran Hammer-Lahav > Type: task | Status: new > Priority: major | Milestone: milestone1 > Version: | Severity: Active WG Document > Keywords: | > -------------------------------+-------------------------------------------- > Per list consensus, split the core spec into two documents: > > 1. The format and protocol for authentication requests as in Section 3 > of draft-hammer-oauth-02 > > 2. The authorization workflow (or workflows) as in Section 4 of > draft-hammer-oauth-02 This was a first test of the issue tracker. More here: http://tools.ietf.org/wg/oauth/ To make changes to the wiki and issue tracker, you can create an account here: http://trac.tools.ietf.org/newpasswd I think it would be most productive to hold off on submitting additional tickets until Eran has had a chance to complete the spec split, but I'm open to other opinions. :) Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAko6dewACgkQNL8k5A2w/vzvQACeOrCK69XqWqO00nedbSYjz4Z3 9eAAoL8NM/CqfrNcbglQusKb64saCQ3o =ijMy -----END PGP SIGNATURE----- From stpeter@stpeter.im Tue Jun 23 11:48:00 2009 Return-Path: X-Original-To: oauth@core3.amsl.com Delivered-To: oauth@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 280F33A6CB8 for ; Tue, 23 Jun 2009 11:48:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.361 X-Spam-Level: X-Spam-Status: No, score=-2.361 tagged_above=-999 required=5 tests=[AWL=0.238, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FvfTBQdxG-s2 for ; Tue, 23 Jun 2009 11:47:59 -0700 (PDT) Received: from stpeter.im (stpeter.im [207.210.219.233]) by core3.amsl.com (Postfix) with ESMTP id 2308E3A681C for ; Tue, 23 Jun 2009 11:47:59 -0700 (PDT) Received: from dhcp-64-101-72-227.cisco.com (dhcp-64-101-72-227.cisco.com [64.101.72.227]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 01C29400EE for ; Tue, 23 Jun 2009 12:48:12 -0600 (MDT) Message-ID: <4A41236C.6090302@stpeter.im> Date: Tue, 23 Jun 2009 12:48:12 -0600 From: Peter Saint-Andre User-Agent: Thunderbird 2.0.0.21 (Macintosh/20090302) MIME-Version: 1.0 To: "oauth@ietf.org" X-Enigmail-Version: 0.95.7 OpenPGP: url=http://www.saint-andre.com/me/stpeter.asc Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Subject: [OAUTH-WG] [Fwd: [oauth] Re: Oauth for 2 legged services] X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Jun 2009 18:48:00 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------- Original Message -------- Subject: [oauth] Re: Oauth for 2 legged services Date: Tue, 23 Jun 2009 13:41:48 -0500 From: Josh Roesslein Reply-To: oauth@googlegroups.com To: oauth@googlegroups.com References: <5cf91b64-f8d1-4c8c-bf87-0dac4fea617f@r33g2000yqn.googlegroups.com> On Tue, Jun 23, 2009 at 10:48 AM, ngw > wrote: Hi *, I'm trying to figure out how to implement OAuth for my own site, and something is still not completely clear. For example, I need to authenticate a certain class of users (site administrators) for a management interface. These users can see every kind of data and have read/write permissions on basically everything. Obviously, authentication and authorization is critical. This interface should basically authenticate against the main site with username and password and check for a given flag. If I understood OAuth correctly the workflow is 1) The user points to foo.bar.com 2) foo.bar.com contacts bar.com and asks the user to login in case the user isn't 3) in case the credentials are right bar.com asks the user if the application foo.bar.com can use his data, in case the credentials are wrong the user is redirected to a bar.com page 4) foo.bar.com queries the account of the user and checks if he is an administrator What you describe here is a three legged flow. The two legged flow does not perform an user authentication with the SP. Instead we are just authenticating the consumer with the SP. This consumer can represent a single user or many, but to the SP its just one user. The consumer authenticates with the SP by signing each request with its shared secrete. The SP detects a two legged request by the missing access token. It must then verify the signature and identify the "user" by the consumer token. Two legged is a good approach to use for instances where you don't care who the user is or if the consumer is just a single user (ex. desktop app). Another question I have is what happens when the user connects after some time, is he already authenticated or it's just a matter to set some kind of expiration time for the token ? With two legged the session would remain open until the SP disables the consumer's secrete. With three legged its up to the SP when to expire the access token. I hope this helps clear things up for you. Good luck. Josh - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to oauth@googlegroups.com To unsubscribe from this group, send email to oauth+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/oauth?hl=en - -~----------~----~----~----~------~----~------~--~--- - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkpBI2sACgkQNL8k5A2w/vyV4ACfX/hv/K6VKUuCun2SzDWu2TES QRIAn3hNjqeIKkX9RdsRfeMjblQObVqN =4wAE -----END PGP SIGNATURE----- From stpeter@stpeter.im Tue Jun 23 11:50:21 2009 Return-Path: X-Original-To: oauth@core3.amsl.com Delivered-To: oauth@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A15A13A6D2F for ; Tue, 23 Jun 2009 11:50:21 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.379 X-Spam-Level: X-Spam-Status: No, score=-2.379 tagged_above=-999 required=5 tests=[AWL=0.220, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nHncOqiDnlEm for ; Tue, 23 Jun 2009 11:50:20 -0700 (PDT) Received: from stpeter.im (stpeter.im [207.210.219.233]) by core3.amsl.com (Postfix) with ESMTP id 685CA3A681C for ; Tue, 23 Jun 2009 11:50:20 -0700 (PDT) Received: from dhcp-64-101-72-227.cisco.com (dhcp-64-101-72-227.cisco.com [64.101.72.227]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 5EACD400EE for ; Tue, 23 Jun 2009 12:50:22 -0600 (MDT) Message-ID: <4A4123ED.7030609@stpeter.im> Date: Tue, 23 Jun 2009 12:50:21 -0600 From: Peter Saint-Andre User-Agent: Thunderbird 2.0.0.21 (Macintosh/20090302) MIME-Version: 1.0 To: "oauth@ietf.org" References: <4A41236C.6090302@stpeter.im> In-Reply-To: <4A41236C.6090302@stpeter.im> X-Enigmail-Version: 0.95.7 OpenPGP: url=http://www.saint-andre.com/me/stpeter.asc Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Subject: Re: [OAUTH-WG] [Fwd: [oauth] Re: Oauth for 2 legged services] X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Jun 2009 18:50:21 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Oops. I meant to say that it would be very helpful to have a clear explanation of these various "legged" scenarios in the OAuth workflow specification. Peter On 6/23/09 12:48 PM, Peter Saint-Andre wrote: > > > -------- Original Message -------- > Subject: [oauth] Re: Oauth for 2 legged services > Date: Tue, 23 Jun 2009 13:41:48 -0500 > From: Josh Roesslein > Reply-To: oauth@googlegroups.com > To: oauth@googlegroups.com > References: > <5cf91b64-f8d1-4c8c-bf87-0dac4fea617f@r33g2000yqn.googlegroups.com> > > > > On Tue, Jun 23, 2009 at 10:48 AM, ngw > wrote: > > > Hi *, I'm trying to figure out how to implement OAuth for my own site, > and something is still not completely clear. > For example, I need to authenticate a certain class of users (site > administrators) for a management interface. These users can see every > kind of data and have read/write permissions on basically everything. > Obviously, authentication and authorization is critical. > This interface should basically authenticate against the main site > with username and password and check for a given flag. > > If I understood OAuth correctly the workflow is > 1) The user points to foo.bar.com > 2) foo.bar.com contacts bar.com > and asks the user to login in case the > user isn't > 3) in case the credentials are right bar.com asks > the user if the > application foo.bar.com can use his data, in > case the credentials are > wrong the user is redirected to a bar.com page > 4) foo.bar.com queries the account of the user > and checks if he is an > administrator > > > What you describe here is a three legged flow. The two legged flow does > not perform an user > authentication with the SP. Instead we are just authenticating the > consumer with the SP. This consumer can represent > a single user or many, but to the SP its just one user. The consumer > authenticates with the SP by signing each > request with its shared secrete. The SP detects a two legged request by > the missing access token. It must then > verify the signature and identify the "user" by the consumer token. Two > legged is a good approach to use for instances where you don't care who > the user is or if the consumer is just a single user (ex. desktop app). > > > Another question I have is what happens when the user connects after > some time, is he already authenticated or it's just a matter to set > some kind of expiration time for the token ? > > > With two legged the session would remain open until the SP disables the > consumer's secrete. > With three legged its up to the SP when to expire the access token. > > I hope this helps clear things up for you. Good luck. > > Josh > > --~--~---------~--~----~------------~-------~--~----~ > You received this message because you are subscribed to the Google > Groups "OAuth" group. > To post to this group, send email to oauth@googlegroups.com > To unsubscribe from this group, send email to > oauth+unsubscribe@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/oauth?hl=en > -~----------~----~----~----~------~----~------~--~--- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkpBI+0ACgkQNL8k5A2w/vwbkgCeMRwKqEs6QE+SdAfACKB3nqph cfgAoJdMX0oA3qQ7xhIFblTawt5XM/4f =HUfu -----END PGP SIGNATURE----- From eran@hueniverse.com Wed Jun 24 16:34:14 2009 Return-Path: X-Original-To: oauth@core3.amsl.com Delivered-To: oauth@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A6F823A6D93 for ; Wed, 24 Jun 2009 16:34:14 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7PgfbNdKHJsP for ; Wed, 24 Jun 2009 16:34:14 -0700 (PDT) Received: from p3plex1out02.prod.phx3.secureserver.net (p3plex1out02.prod.phx3.secureserver.net [72.167.180.18]) by core3.amsl.com (Postfix) with SMTP id BEACE3A6DA0 for ; Wed, 24 Jun 2009 16:34:00 -0700 (PDT) Received: (qmail 28288 invoked from network); 24 Jun 2009 23:30:49 -0000 Received: from unknown (HELO smtp.ex1.secureserver.net) (72.167.180.21) by p3plex1out02.prod.phx3.secureserver.net with SMTP; 24 Jun 2009 23:30:49 -0000 Received: from P3PW5EX1MB01.EX1.SECURESERVER.NET ([10.6.135.19]) by P3PW5EX1HT003.EX1.SECURESERVER.NET ([72.167.180.21]) with mapi; Wed, 24 Jun 2009 16:30:23 -0700 From: Eran Hammer-Lahav To: "oauth@ietf.org" Date: Wed, 24 Jun 2009 16:30:39 -0700 Thread-Topic: Naming drafts Thread-Index: Acn1I8jJqtM6rDrsSsqbp9uhx/B9Ww== Message-ID: <90C41DD21FB7C64BB94121FBBC2E723437833980BB@P3PW5EX1MB01.EX1.SECURESERVER.NET> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [OAUTH-WG] Naming drafts X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Jun 2009 23:34:14 -0000 I am thinking about naming the two drafts: draft-ietf-oauth-authentication (section 3) draft-ietf-oauth-web-authorization (section 4) Comments? EHL From James.H.Manger@team.telstra.com Wed Jun 24 18:09:54 2009 Return-Path: X-Original-To: oauth@core3.amsl.com Delivered-To: oauth@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3093228C4F7 for ; Wed, 24 Jun 2009 18:09:54 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.895 X-Spam-Level: X-Spam-Status: No, score=-1.895 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_AU=0.377, HOST_EQ_AU=0.327] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YOdztmMfsHaR for ; Wed, 24 Jun 2009 18:09:53 -0700 (PDT) Received: from mailipbo.ntcif.telstra.com.au (mailipbo.ntcif.telstra.com.au [202.12.233.29]) by core3.amsl.com (Postfix) with ESMTP id D57E43A69FF for ; Wed, 24 Jun 2009 18:09:52 -0700 (PDT) Received: from unknown (HELO mailbi.ntcif.telstra.com.au) ([202.12.162.19]) by mailipbi.ntcif.telstra.com.au with ESMTP; 25 Jun 2009 11:09:36 +1000 Received: from mail2.cdn.telstra.com.au (localhost [127.0.0.1]) by mailbi.ntcif.telstra.com.au (Postfix) with ESMTP id 93A5A10247 for ; Thu, 25 Jun 2009 11:09:36 +1000 (EST) Received: from WSMSG3701.srv.dir.telstra.com (wsmsg3701.srv.dir.telstra.com [172.49.40.169]) by mail2.cdn.telstra.com.au (Postfix) with ESMTP id 084C141EC8 for ; Thu, 25 Jun 2009 11:09:21 +1000 (EST) Received: from WSMSG3153V.srv.dir.telstra.com ([172.49.40.159]) by WSMSG3701.srv.dir.telstra.com ([172.49.40.169]) with mapi; Thu, 25 Jun 2009 11:09:32 +1000 From: "Manger, James H" To: "oauth@ietf.org" Date: Thu, 25 Jun 2009 11:09:31 +1000 Thread-Topic: Naming drafts Thread-Index: Acn1I8jJqtM6rDrsSsqbp9uhx/B9WwADPxKA Message-ID: <255B9BB34FB7D647A506DC292726F6E112238C9810@WSMSG3153V.srv.dir.telstra.com> References: <90C41DD21FB7C64BB94121FBBC2E723437833980BB@P3PW5EX1MB01.EX1.SECURESERVER.NET> In-Reply-To: <90C41DD21FB7C64BB94121FBBC2E723437833980BB@P3PW5EX1MB01.EX1.SECURESERVER.NET> Accept-Language: en-US, en-AU Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: acceptlanguage: en-US, en-AU Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_000E_01C9F585.6A0BE630" MIME-Version: 1.0 Subject: Re: [OAUTH-WG] Naming drafts X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Jun 2009 01:09:54 -0000 ------=_NextPart_000_000E_01C9F585.6A0BE630 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable draft-ietf-oauth-web-delegation (section 4) would be my preference ("delegation" instead of "authorization") James Manger James.H.Manger@team.telstra.com Identity and security team =E2=80=94 Chief Technology Office =E2=80=94 = Telstra ---------- From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf = Of Eran Hammer-Lahav Sent: Thursday, 25 June 2009 9:31 AM To: oauth@ietf.org Subject: [OAUTH-WG] Naming drafts I am thinking about naming the two drafts: draft-ietf-oauth-authentication (section 3) draft-ietf-oauth-web-authorization (section 4) Comments? ------=_NextPart_000_000E_01C9F585.6A0BE630 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIbMzCCBjsw ggUjoAMCAQICChdxQLUAAAAAAXowDQYJKoZIhvcNAQEFBQAwFzEVMBMGA1UEAxMMTWVzc2FnaW5n IENBMB4XDTA5MDMzMDA0MDM1NloXDTEwMDMzMDA0MDM1NlowEjEQMA4GA1UEAxMHYzc5OTg3ODCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO8P/+Fi1PoZEwtviknjbBwidlGRLsFmvBzs 17SVVVm9mnqftyvY8SxCbOtXrhG+8+OyMK585h7PaNW3u0v9mK027UC+uPFEOU8SEEQmXLW1pm6L et1uzuTEEYIDDtjcMEfYLkFnaV5bNBiCeyWEHHN7aiqMi8a6RORrNlz9W/Jl261e1m+OlBp1ERwl LpqiuCa6xTh1uferf5v0vmerUUuontzdiS8m0Xm0maA/lKsArsUL0suD2Eq87karqJoXzcN0irHu F7zfOYclo4Fn/1QFuYaY8V2n7QQUNNrbsTkLOzm4flO6DNgtbIOXLZcY2JR6cKFXgKhAnQXJwiuO w1MCAwEAAaOCA4wwggOIMAsGA1UdDwQEAwIHgDAdBgNVHQ4EFgQU8lC4r/gvSB0BMMqVbVhIirsC L4wwPQYJKwYBBAGCNxUHBDAwLgYmKwYBBAGCNxUIhNSOIoLt31OF9YMYgsa8XIWHuy1+htX/D4L9 +g4CAWQCAQowHwYDVR0jBBgwFoAUjrE+SRWrx5IE38/Ol+qJtJ4lVREwggEnBgNVHR8EggEeMIIB GjCCARagggESoIIBDoaBxmxkYXA6Ly8vQ049TWVzc2FnaW5nJTIwQ0EsQ049d3NjYXMwMDEyLENO PUNEUCxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0 aW9uLERDPWNvcmUsREM9ZGlyLERDPXRlbHN0cmEsREM9Y29tP2NlcnRpZmljYXRlUmV2b2NhdGlv bkxpc3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludIZDaHR0cDovL3dzY2Fz MDAxMi5jb3JlLmRpci50ZWxzdHJhLmNvbS9DZXJ0RW5yb2xsL01lc3NhZ2luZyUyMENBLmNybDCC AUEGCCsGAQUFBwEBBIIBMzCCAS8wgbwGCCsGAQUFBzAChoGvbGRhcDovLy9DTj1NZXNzYWdpbmcl MjBDQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049Q29u ZmlndXJhdGlvbixEQz1jb3JlLERDPWRpcixEQz10ZWxzdHJhLERDPWNvbT9jQUNlcnRpZmljYXRl P2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlvbkF1dGhvcml0eTBuBggrBgEFBQcwAoZiaHR0 cDovL3dzY2FzMDAxMi5jb3JlLmRpci50ZWxzdHJhLmNvbS9DZXJ0RW5yb2xsL3dzY2FzMDAxMi5j b3JlLmRpci50ZWxzdHJhLmNvbV9NZXNzYWdpbmclMjBDQS5jcnQwEwYDVR0lBAwwCgYIKwYBBQUH AwQwGwYJKwYBBAGCNxUKBA4wDDAKBggrBgEFBQcDBDBYBgNVHREEUTBPoCwGCisGAQQBgjcUAgOg HgwcYzc5OTg3OEBjb3JlLmRpci50ZWxzdHJhLmNvbYEfSmFtZXMuSC5NYW5nZXJAdGVhbS50ZWxz dHJhLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEALZDeZpos2zSrCoLRDx1Cu6f7xbqf/Obpi+aAuqJu LiHWw/gwyy0lY9KBa4naedOAA0REylEP5A/fwXQa/wEzGtqY5naaeEurSOiWWTOcsmg8ay9bWSS9 KUzUoaRhYr5Fh1eYU9Gu+RuyzPRoRYE4Iw9kWT0fTSPRWmNTJLX644Ja1qelxQMw1nurrUAyaSEb tR8TFqdegghVhEqHjSWAF/M+DxpXragF4tM1q97tXcKtpSMa+ohibRDocegXru+MhKrFyUm/TP0H kG4q0HiRHTlyXEiPyiNKbCFJxPeh1eOGKKEcABDmOz2tzrQX45QUGagzv8m42jpX1DNEzeyIdTCC BoEwggVpoAMCAQICChdwbt4AAAAAAXkwDQYJKoZIhvcNAQEFBQAwFzEVMBMGA1UEAxMMTWVzc2Fn aW5nIENBMB4XDTA5MDMzMDA0MDMwMFoXDTEwMDMzMDA0MDMwMFowEjEQMA4GA1UEAxMHYzc5OTg3 ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANk6xFOFUU5KUvl92YXce4jF7DLPOHfb 8HttBGUDqnn1btHtMNsR2+aN4EHYgCkxCk+bVidmI9iael9f+DwuwG3CtidUfnJkSbBMtnt52r/Z yBn9QVwJxPq58BycssAI7qnBSDEQp3Um1vQlUSJP+U89I+5G8QpBParV+uNeMxksZnpb1WwxyHID DJrTfJQpctW3TdKAFJBRxpT+zw/gAGUNWER7H1SSWbAmnLRfODD/EtcnuXKEYOGjT1nAwmb81yZs MHKuHHHwP8ae3M+B6qfsuj9MrsrG/AhwbxvUYUoofxEPZQD8oMGvxMaCdXIziLgaNll4Tu32W1qc 1lohhb0CAwEAAaOCA9IwggPOMAsGA1UdDwQEAwIFIDBEBgkqhkiG9w0BCQ8ENzA1MA4GCCqGSIb3 DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwBwYFKw4DAgcwCgYIKoZIhvcNAwcwHQYDVR0OBBYEFPdI bbMdMWgxNFd5S4gUmvNtA9m5MD0GCSsGAQQBgjcVBwQwMC4GJisGAQQBgjcVCITUjiKC7d9ThfWD GILGvFyFh7stfoTLh2ODx+odAgFkAgEEMB8GA1UdIwQYMBaAFI6xPkkVq8eSBN/PzpfqibSeJVUR MIIBJwYDVR0fBIIBHjCCARowggEWoIIBEqCCAQ6GgcZsZGFwOi8vL0NOPU1lc3NhZ2luZyUyMENB LENOPXdzY2FzMDAxMixDTj1DRFAsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2Vydmlj ZXMsQ049Q29uZmlndXJhdGlvbixEQz1jb3JlLERDPWRpcixEQz10ZWxzdHJhLERDPWNvbT9jZXJ0 aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9p bnSGQ2h0dHA6Ly93c2NhczAwMTIuY29yZS5kaXIudGVsc3RyYS5jb20vQ2VydEVucm9sbC9NZXNz YWdpbmclMjBDQS5jcmwwggFBBggrBgEFBQcBAQSCATMwggEvMIG8BggrBgEFBQcwAoaBr2xkYXA6 Ly8vQ049TWVzc2FnaW5nJTIwQ0EsQ049QUlBLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENO PVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9Y29yZSxEQz1kaXIsREM9dGVsc3RyYSxEQz1j b20/Y0FDZXJ0aWZpY2F0ZT9iYXNlP29iamVjdENsYXNzPWNlcnRpZmljYXRpb25BdXRob3JpdHkw bgYIKwYBBQUHMAKGYmh0dHA6Ly93c2NhczAwMTIuY29yZS5kaXIudGVsc3RyYS5jb20vQ2VydEVu cm9sbC93c2NhczAwMTIuY29yZS5kaXIudGVsc3RyYS5jb21fTWVzc2FnaW5nJTIwQ0EuY3J0MBMG A1UdJQQMMAoGCCsGAQUFBwMEMBsGCSsGAQQBgjcVCgQOMAwwCgYIKwYBBQUHAwQwWAYDVR0RBFEw T6AsBgorBgEEAYI3FAIDoB4MHGM3OTk4NzhAY29yZS5kaXIudGVsc3RyYS5jb22BH0phbWVzLkgu TWFuZ2VyQHRlYW0udGVsc3RyYS5jb20wDQYJKoZIhvcNAQEFBQADggEBAA2df1z0HL7kzTTXbX9r YPbQ2LxN339XNf6THqbKXHfEnsj72nIFvflxkpHiR0PDQi9IVTushhY81Oumkb64II3hDqCnWztt fllQDrEQtF9xUVNBISQD9H1i3j8zI5LIiQOaGYdrf5ebEf16g7Y2Apwfo9V9bY09T50ztJvi5W56 cTZEWeXsvYSopvTFT620rro+V549ZBSMAn6qlg1dOpiWCB0MJsCXXp+7kpCTtuM9dafpJRNI5w9S 8QoCyQlfH94U1uRqQ21zixSDLbO0gDDglSLdvsp0tK44+ZRHHzVFzfSpX/Ls0/bKEqXq+ZW3rEPb TfNCgDILTliP0QsYi3YwggcKMIIE8qADAgECAhA9Ft3ZAidOrEiRFBv9SOnSMA0GCSqGSIb3DQEB BQUAMIGnMSEwHwYJKoZIhvcNAQkBFhJSb290Q0FAdGVsc3RyYS5jb20xCzAJBgNVBAYTAkFVMREw DwYDVQQIEwhWaWN0b3JpYTESMBAGA1UEBxMJTWVsYm91cm5lMRAwDgYDVQQKEwdUZWxzdHJhMRkw FwYDVQQLExBOZXR3b3JrIFNlY3VyaXR5MSEwHwYDVQQDExhUZWxzdHJhIEludGVybmFsIFJvb3Qg Q0EwHhcNMDAxMTE2MDIyOTEzWhcNMTAxMTE2MDIzMTU1WjCBpzEhMB8GCSqGSIb3DQEJARYSUm9v dENBQHRlbHN0cmEuY29tMQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExEjAQBgNVBAcT CU1lbGJvdXJuZTEQMA4GA1UEChMHVGVsc3RyYTEZMBcGA1UECxMQTmV0d29yayBTZWN1cml0eTEh MB8GA1UEAxMYVGVsc3RyYSBJbnRlcm5hbCBSb290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A MIICCgKCAgEAnpwjjsFHf+79TWueHlUdxK3+abffdE4bUBL+QuaNnWZ9iPyQU08vqhENwyIJO0nx AXeGLtjKsbzOu3wBxKCuefjb8XSoo4bOQQ5c5Rsf3hs4v+I09zwFgF+pxNV6DpOiwIB9XQgz0lpu joZVBl6m5ugVk+ADio10cD8ug8OyZvUURiHwgigHSUgqPcj+bqlJFMLbdg9mgAxEx5Ty1xRlKJ17 0CMnUeAV419eQrg0+GPCAt7nViNxW4SYR/9riFtMfavvBYjxvHbcq2v3PBfvhGAxFLWChKDm0wg2 qqt4wLm4VNrE+desJF+XOlqBi0IHQy5mE8KhWMMhW6Bbag5mQfPZVYwDXJ+TSprxRTkQ0KYU2vLF nBo0f5gqpcp4tiBRba6VDe/RmGgUUYCaBB4dh7v/Q1yxQrinUOHMqxVepZugobszXin1pRZ/Qy3D tCfJzO6C85gsN+bcGlfzajFLTV9VGo283+0g3HIahQdYG83PvvhZF8eR9+fohwwasYtKKiSl40z5 I46VrainDdjL1l4adwbjnS0nDv3mL9kbSyJLmRpfE5Nb3+BVUFErDV8a23KHr1mdAUMEKHU4Y8Ep g+q9vTVZsAJfRMgNc5+bzd1C65j+1FhOh3xKgwlu1qvux2BAtOYIRwUf59tEuJELM5iszyPThURE my/eapk1SlcCAwEAAaOCAS4wggEqMBMGCSsGAQQBgjcUAgQGHgQAQwBBMAsGA1UdDwQEAwIBRjAP BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQS3FKmReD1ql/Ger9J5nUZcw29+TCBwwYDVR0fBIG7 MIG4MFmgV6BVhlNodHRwOi8vd3NjYXIwMDAxLmNvcmUuZGlyLnRlbHN0cmEuY29tL0NlcnRFbnJv bGwvVGVsc3RyYSUyMEludGVybmFsJTIwUm9vdCUyMENBLmNybDBboFmgV4ZVZmlsZTovL1xcV1ND QVIwMDAxLmNvcmUuZGlyLnRlbHN0cmEuY29tXENlcnRFbnJvbGxcVGVsc3RyYSUyMEludGVybmFs JTIwUm9vdCUyMENBLmNybDAQBgkrBgEEAYI3FQEEAwIBADANBgkqhkiG9w0BAQUFAAOCAgEAkysT 049btivCdrHQWHbsi7yg1O/gkK4RPY5kS3tbsJiMlYFNxpPuQL30/MKNMNubP6lBNucZBCRK8+J7 XtuBltfznqe6zvWtcNIWUWbBsZlJ7lM/rYuKFkU/EYnK8sCHmDwZtxd53Vb1BGmlGZ8ORJSggZm8 LKqhyQLXTr7fdvSBIfoOEEUhVNPu3qBul+QjtwVmnhYgX4IXxM624nZTs9BoSe++wGJALHZJ5CJb 6FIAC4t5dY2PJMHeAs84kybkmb3LfM1gTEpeZYFrH50pHxsLocapb/gR7K0NPHzQnLc6MeYdIHxm oLWIWEsb4kYKNlhip4ddC2qnwhT7ynp8vWVhrQRwr5LVvmMSSyUIYJn0+QV6q4ptfvO4v2J6RkDv APGJdfx0WD+4N2gQ/xrRGmjJn73efCzpzjffy0SH1Xjj5d5+ofR7wbu6i5iB1aZdeaPj95flfy7e BW3z/3r0MboP624XiDqlLF+FKt8lh0nh38vECPBUh6U9BH5bp2c36my2b1ZdDs/ryg1Rs9o0inpU q7yexHwGIKiEtqKGNGL2Osxm5NDn8OvCY0FsIchdzvCORUYEQV85nbW1SkTcms+QjYfptcA72bdZ KDfpvSK1tArBqWAdUeJlwB9uC6NTSazXTNB3fGgGvNl4y6hi82oRAfaZKKLYuMZd/C2eOuAwggdd MIIFRaADAgECAgphC9E1AAAAAAAaMA0GCSqGSIb3DQEBBQUAMIGnMSEwHwYJKoZIhvcNAQkBFhJS b290Q0FAdGVsc3RyYS5jb20xCzAJBgNVBAYTAkFVMREwDwYDVQQIEwhWaWN0b3JpYTESMBAGA1UE BxMJTWVsYm91cm5lMRAwDgYDVQQKEwdUZWxzdHJhMRkwFwYDVQQLExBOZXR3b3JrIFNlY3VyaXR5 MSEwHwYDVQQDExhUZWxzdHJhIEludGVybmFsIFJvb3QgQ0EwHhcNMDYwNTIzMDMxNDM0WhcNMTAx MTE2MDIzMTU1WjAXMRUwEwYDVQQDEwxNZXNzYWdpbmcgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwoF8xB3u77NXnoqaWEMkvFMsxiUyCDcfXbUdQzEPsEaj5ldeR4lRBVeiADIDN R0bnvFOGQSrmNK7i5KugI7EfA0h6giZ8Oh3lCx1kpzrPswIJOCwbKpjqgjT6sJXa+plLPmLm2j6v B6Dzye1SotWzeCMWnwmSdIT8LbSsz5QVS7K/eck0CWgIxwiOvgUNGfDNJLfBzFIotvxq1olQL8i2 m6J8s9T9Fx7LGvju9g25M4rghJW9YPGSekJcxHmVEvbYUDNnKQHFJKQ8U/vC5KSgfGrMivQg6O7m ucKnPb8s+1Wp5SkOjOCInaqtlGlWsLRcubOueJgcA/oae7sr1vOFAgMBAAGjggMYMIIDFDAPBgNV HRMBAf8EBTADAQH/MB0GA1UdDgQWBBSOsT5JFavHkgTfz86X6om0niVVETALBgNVHQ8EBAMCAcYw EAYJKwYBBAGCNxUBBAMCAQAwgeMGA1UdIwSB2zCB2IAUEtxSpkXg9apfxnq/SeZ1GXMNvfmhga2k gaowgacxITAfBgkqhkiG9w0BCQEWElJvb3RDQUB0ZWxzdHJhLmNvbTELMAkGA1UEBhMCQVUxETAP BgNVBAgTCFZpY3RvcmlhMRIwEAYDVQQHEwlNZWxib3VybmUxEDAOBgNVBAoTB1RlbHN0cmExGTAX BgNVBAsTEE5ldHdvcmsgU2VjdXJpdHkxITAfBgNVBAMTGFRlbHN0cmEgSW50ZXJuYWwgUm9vdCBD QYIQPRbd2QInTqxIkRQb/Ujp0jCBwwYDVR0fBIG7MIG4MFmgV6BVhlNodHRwOi8vd3NjYXIwMDAx LmNvcmUuZGlyLnRlbHN0cmEuY29tL0NlcnRFbnJvbGwvVGVsc3RyYSUyMEludGVybmFsJTIwUm9v dCUyMENBLmNybDBboFmgV4ZVZmlsZTovL1xcV1NDQVIwMDAxLmNvcmUuZGlyLnRlbHN0cmEuY29t XENlcnRFbnJvbGxcVGVsc3RyYSUyMEludGVybmFsJTIwUm9vdCUyMENBLmNybDCCARUGCCsGAQUF BwEBBIIBBzCCAQMwfgYIKwYBBQUHMAKGcmh0dHA6Ly93c2NhcjAwMDEuY29yZS5kaXIudGVsc3Ry YS5jb20vQ2VydEVucm9sbC9XU0NBUjAwMDEuY29yZS5kaXIudGVsc3RyYS5jb21fVGVsc3RyYSUy MEludGVybmFsJTIwUm9vdCUyMENBLmNydDCBgAYIKwYBBQUHMAKGdGZpbGU6Ly9cXFdTQ0FSMDAw MS5jb3JlLmRpci50ZWxzdHJhLmNvbVxDZXJ0RW5yb2xsXFdTQ0FSMDAwMS5jb3JlLmRpci50ZWxz dHJhLmNvbV9UZWxzdHJhJTIwSW50ZXJuYWwlMjBSb290JTIwQ0EuY3J0MA0GCSqGSIb3DQEBBQUA A4ICAQB2Gd568tcY04j08RWRSd32wdJeS42EDLl9mDqFn8xOyF4ODrPNKCymhp5ZxKQfE06YQBCa qvJBVDiV+qFehjvEns0RmZwvAbZalqWeSwu66P8NbbXu0108ubTyiECoIeRGZIHXblDQ3BfkR3e4 8Ise+DOPCIA/PjDdKJ3jtR+1XTL0f/i191k/bjGts+07MOQWuBFssTL0b0MD5l/fs2MDXWClozlM dgI407z+e6bk5JyiwdEALM0TlXSzim/SfGu70Ks20XDUpDiV/1RPE/YVDbVsCdVeG5S0tuQu3PGw dDpb4ROGvrusT4fIP/uYh7/vRwZp6LCf2e8rUBgWo+mPva0FJm5uiJgmHkXX+GV7LVEfAjtlE0gU pfsnx/2PUbyMi9AH1kZxnlJvdD2yL/qTwMb087dqWigmTPO+pIq4MZaTQdQFxEfvHdW6fx2yMUcG 15kw7lmYcYD8zSCbWMPZX9c3sQTWo5OK70ZPpA3xnHwyMZbpXCZ84BE8M9JoW32DHMGIobuSEgh8 DKdrfaMS9K2VcYRS79oA19QASVLnIZGkSWyDsfJ1FIDWPRz7GLZVeiqFObL6pWjH6zi5pHNX3nc+ u/XowTcy4XDEAaNN4apuxNuzi4Rhw+8tCiG3h4YIbx9B8jjXno/0O5IPSMx4eJfoZikbLJKE9xMn uSmSrjGCAoQwggKAAgEBMCUwFzEVMBMGA1UEAxMMTWVzc2FnaW5nIENBAgoXcUC1AAAAAAF6MAkG BSsOAwIaBQCgggE0MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA5 MDYyNTAxMDkzMVowIwYJKoZIhvcNAQkEMRYEFJupDG2kEh3QsDdPcbQpnYkwMpDGMDQGCSsGAQQB gjcQBDEnMCUwFzEVMBMGA1UEAxMMTWVzc2FnaW5nIENBAgoXcG7eAAAAAAF5MDYGCyqGSIb3DQEJ EAILMSegJTAXMRUwEwYDVQQDEwxNZXNzYWdpbmcgQ0ECChdwbt4AAAAAAXkwZwYJKoZIhvcNAQkP MVowWDAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcw DQYIKoZIhvcNAwICASgwBwYFKw4DAhowCgYIKoZIhvcNAgUwDQYJKoZIhvcNAQEBBQAEggEAHrNm 1Who5lnHBdMO4s+zdpAhtfTPS5/iLQpL7E79VaDwaWdqCnXgb5biwSQ4R36/2BKUy9wihVLKF5Ww 6sbGRlY/0X5It3dSjHShnhd8/21yL3rsKVTpsQwr2WIxgkt4W8G0fmIhnU1GXxrhg6hPOMn/Cu4u cHHzDaZiogcVBpz9cn2mcYgaUp1s18vzt8XoHDdfcSi28A3P0sezSc1zYu0TdJuyi9Nr99JaAS7w zSh9xqfScZ4jrpBl3v+qcBsocxC4QHf44mY7fcs1lyh3dkn+Ug4z0B0M6ElGCszw2pIe4JapAirO GviPS9lvszuZcIXOHlfjHAR09XxxCQEZygAAAAAAAA== ------=_NextPart_000_000E_01C9F585.6A0BE630-- From rbarnes@bbn.com Wed Jun 24 19:51:45 2009 Return-Path: X-Original-To: oauth@core3.amsl.com Delivered-To: oauth@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7AABD3A6F2F for ; Wed, 24 Jun 2009 19:51:45 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LgLtw0Uj4ylB for ; Wed, 24 Jun 2009 19:51:44 -0700 (PDT) Received: from mx11.bbn.com (mx11.bbn.com [128.33.0.80]) by core3.amsl.com (Postfix) with ESMTP id C60193A6B4B for ; Wed, 24 Jun 2009 19:51:44 -0700 (PDT) Received: from [128.89.252.139] (helo=Richard-Barnes-Laptop.local) by mx11.bbn.com with esmtp (Exim 4.60) (envelope-from ) id 1MJe6l-00005r-DA; Wed, 24 Jun 2009 21:50:35 -0400 Message-ID: <4A42E5FA.2000901@bbn.com> Date: Wed, 24 Jun 2009 22:50:34 -0400 From: Richard Barnes User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Eran Hammer-Lahav References: <90C41DD21FB7C64BB94121FBBC2E723437833980BB@P3PW5EX1MB01.EX1.SECURESERVER.NET> In-Reply-To: <90C41DD21FB7C64BB94121FBBC2E723437833980BB@P3PW5EX1MB01.EX1.SECURESERVER.NET> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: "oauth@ietf.org" Subject: Re: [OAUTH-WG] Naming drafts X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Jun 2009 02:51:45 -0000 One process point: Until there's WG consensus to adopt the drafts, shouldn't they be draft-hammer-oauth-* ? Beyond that, I really don't care too much what the names are. (We had one draft name in GEOPRIV that had a misspelled acronym all the way until it was an RFC :) ) --Richard Eran Hammer-Lahav wrote: > I am thinking about naming the two drafts: > > draft-ietf-oauth-authentication (section 3) > draft-ietf-oauth-web-authorization (section 4) > > Comments? > > EHL > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > From stpeter@stpeter.im Wed Jun 24 21:09:45 2009 Return-Path: X-Original-To: oauth@core3.amsl.com Delivered-To: oauth@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AC79A3A68DD for ; Wed, 24 Jun 2009 21:09:45 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.449 X-Spam-Level: X-Spam-Status: No, score=-2.449 tagged_above=-999 required=5 tests=[AWL=0.150, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZpG0ynHRVTHY for ; Wed, 24 Jun 2009 21:09:44 -0700 (PDT) Received: from stpeter.im (stpeter.im [207.210.219.233]) by core3.amsl.com (Postfix) with ESMTP id F33963A6F93 for ; Wed, 24 Jun 2009 21:09:16 -0700 (PDT) Received: from squire.local (dsl-240-58.dynamic-dsl.frii.net [216.17.240.58]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 2678E4007B; Wed, 24 Jun 2009 22:09:30 -0600 (MDT) Message-ID: <4A42F879.2000004@stpeter.im> Date: Wed, 24 Jun 2009 22:09:29 -0600 From: Peter Saint-Andre User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Richard Barnes References: <90C41DD21FB7C64BB94121FBBC2E723437833980BB@P3PW5EX1MB01.EX1.SECURESERVER.NET> <4A42E5FA.2000901@bbn.com> In-Reply-To: <4A42E5FA.2000901@bbn.com> X-Enigmail-Version: 0.95.7 OpenPGP: url=http://www.saint-andre.com/me/stpeter.asc Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: "oauth@ietf.org" Subject: Re: [OAUTH-WG] Naming drafts X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Jun 2009 04:09:45 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/24/09 8:50 PM, Richard Barnes wrote: > One process point: Until there's WG consensus to adopt the drafts, > shouldn't they be draft-hammer-oauth-* ? The IESG approved our charter for the express and primary purpose of empowering this Working Group to produce an RFC defining "OAuth 1.1", based on the "OAuth 1.0" specification (which in Internet-Draft form is draft-hammer-oauth-02). Therefore I do not think that we need a further consensus call to publish draft-hammer-oauth-02 as a WG item, since it is the central focus of our charter. The drafts that Eran has mentioned are merely an editorial convenience to split draft-hammer-oauth-02 into two specifications: one that defines the protocol for authentication of requests (roughly, Section 3 of draft-hammer-oauth-02) and another that defines methods for using that authentication protocol to provide delegated access to protected resources (roughly, Section 4 of draft-hammer-oauth-02). The spec split has been discussed on this list and no objections have been raised (indeed, rough consensus seems to be that the spec split is a very good idea). Although no *official* consensus call has been issued, it seems doubtful that an official consensus call is necessary here since no matters of technical substance are involved. Therefore I deem it straightforward for the WG to split draft-hammer-oauth-02 into two specifications and then publish those I-Ds as WG items. As to the mechanics, Eran will split the I-D into two, name those I-Ds draft-ietf-oauth-authentication and draft-ietf-oauth-web-delegation (or whatever we agree upon), and submit them through the normal processes; it is then the responsibility of the WG chairs to approve those documents for publication, since a name of the form draft-ietf-oauth-* implies that a specification is an official WG item. Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkpC+HgACgkQNL8k5A2w/vyTdQCdFFB0XyhCS5CfPZ2sNemt0JQF J9cAoMUJflCRAJncXJzVp+/2g/YdSsUr =Nc9l -----END PGP SIGNATURE----- From eran@hueniverse.com Wed Jun 24 22:34:33 2009 Return-Path: X-Original-To: oauth@core3.amsl.com Delivered-To: oauth@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C10E93A690D for ; Wed, 24 Jun 2009 22:34:33 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dybckuxDhKZj for ; Wed, 24 Jun 2009 22:34:33 -0700 (PDT) Received: from p3plex1out02.prod.phx3.secureserver.net (p3plex1out02.prod.phx3.secureserver.net [72.167.180.18]) by core3.amsl.com (Postfix) with SMTP id 5A0FD28C18E for ; Wed, 24 Jun 2009 22:34:06 -0700 (PDT) Received: (qmail 4956 invoked from network); 25 Jun 2009 04:31:21 -0000 Received: from unknown (HELO smtp.ex1.secureserver.net) (72.167.180.19) by p3plex1out02.prod.phx3.secureserver.net with SMTP; 25 Jun 2009 04:31:21 -0000 Received: from P3PW5EX1MB01.EX1.SECURESERVER.NET ([10.6.135.19]) by P3PW5EX1HT001.EX1.SECURESERVER.NET ([72.167.180.19]) with mapi; Wed, 24 Jun 2009 21:30:56 -0700 From: Eran Hammer-Lahav To: "oauth@ietf.org" Date: Wed, 24 Jun 2009 21:31:10 -0700 Thread-Topic: Naming drafts Thread-Index: Acn1I8jJqtM6rDrsSsqbp9uhx/B9WwADPxKAAAc1+yA= Message-ID: <90C41DD21FB7C64BB94121FBBC2E723437833980CD@P3PW5EX1MB01.EX1.SECURESERVER.NET> References: <90C41DD21FB7C64BB94121FBBC2E723437833980BB@P3PW5EX1MB01.EX1.SECURESERVER.NET> <255B9BB34FB7D647A506DC292726F6E112238C9810@WSMSG3153V.srv.dir.telstra.com> In-Reply-To: <255B9BB34FB7D647A506DC292726F6E112238C9810@WSMSG3153V.srv.dir.telstra.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 Subject: Re: [OAUTH-WG] Naming drafts X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Jun 2009 05:34:33 -0000 SSBsaWtlIGRlbGVnYXRpb24uIEkgY2FyZSBtb3JlIGFib3V0IHRoZSAnd2ViJyBwYXJ0IHRvIGNs ZWFybHkgaW5kaWNhdGUgdGhhdCB0aGlzIGlzIGp1c3Qgb25lIG9mIHBvdGVudGlhbCBtYW55IG90 aGVyIHdheXMgdG8gYWNjb21wbGlzaCBkZWxlZ2F0aW9uIHRoYXQgd2lsbCByZXN1bHQgaW4gYSB0 b2tlbiAod2hpY2ggaW4gdHVybiBjYW4gYmUgdXNlZCB3aXRoIHRoZSBhdXRoZW50aWNhdGlvbiBz cGVjKS4NCg0KRUhMDQoNCj4gLS0tLS1PcmlnaW5hbCBNZXNzYWdlLS0tLS0NCj4gRnJvbTogb2F1 dGgtYm91bmNlc0BpZXRmLm9yZyBbbWFpbHRvOm9hdXRoLWJvdW5jZXNAaWV0Zi5vcmddIE9uIEJl aGFsZg0KPiBPZiBNYW5nZXIsIEphbWVzIEgNCj4gU2VudDogV2VkbmVzZGF5LCBKdW5lIDI0LCAy MDA5IDY6MTAgUE0NCj4gVG86IG9hdXRoQGlldGYub3JnDQo+IFN1YmplY3Q6IFJlOiBbT0FVVEgt V0ddIE5hbWluZyBkcmFmdHMNCj4gDQo+IGRyYWZ0LWlldGYtb2F1dGgtd2ViLWRlbGVnYXRpb24g KHNlY3Rpb24gNCkNCj4gDQo+IHdvdWxkIGJlIG15IHByZWZlcmVuY2UgKCJkZWxlZ2F0aW9uIiBp bnN0ZWFkIG9mICJhdXRob3JpemF0aW9uIikNCj4gDQo+IA0KPiBKYW1lcyBNYW5nZXINCj4gSmFt ZXMuSC5NYW5nZXJAdGVhbS50ZWxzdHJhLmNvbQ0KPiBJZGVudGl0eSBhbmQgc2VjdXJpdHkgdGVh bSDigJQgQ2hpZWYgVGVjaG5vbG9neSBPZmZpY2Ug4oCUIFRlbHN0cmENCj4gDQo+IC0tLS0tLS0t LS0NCj4gRnJvbTogb2F1dGgtYm91bmNlc0BpZXRmLm9yZyBbbWFpbHRvOm9hdXRoLWJvdW5jZXNA aWV0Zi5vcmddIE9uIEJlaGFsZg0KPiBPZiBFcmFuIEhhbW1lci1MYWhhdg0KPiBTZW50OiBUaHVy c2RheSwgMjUgSnVuZSAyMDA5IDk6MzEgQU0NCj4gVG86IG9hdXRoQGlldGYub3JnDQo+IFN1Ympl Y3Q6IFtPQVVUSC1XR10gTmFtaW5nIGRyYWZ0cw0KPiANCj4gSSBhbSB0aGlua2luZyBhYm91dCBu YW1pbmcgdGhlIHR3byBkcmFmdHM6DQo+IA0KPiBkcmFmdC1pZXRmLW9hdXRoLWF1dGhlbnRpY2F0 aW9uIChzZWN0aW9uIDMpIGRyYWZ0LWlldGYtb2F1dGgtd2ViLQ0KPiBhdXRob3JpemF0aW9uIChz ZWN0aW9uIDQpDQo+IA0KPiBDb21tZW50cz8NCg0K