Ludwig Seitz <ludwig.se...@ri.se> wrote:
> I agree that onboarding is a valid concern (which is why I wrote
> appendix B),
> but lets not delay draft-ietf-ace-oauth-authz any further by adding a
whole
> new set of functionality in it.Back at the beginning of ACE it was clear that onboarding was an entire project of itself. That's why I argued to keep it out of the first charter. Onboarding suffers from a tendancy to boil the ocean, combined with the elephant/blind-men problem. The way to tackle onboarding is not with a single unifying ocean boiling protocol, but rather by letting each interested party define small protocols, and over time find commonality. I get the vision of: https://en.wikipedia.org/wiki/Nibbler So while it is unfortunate if some implementers feel to be "in the dark", before we could rectify that situation, we'd have to know which implementers we are worried about. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
