[OAUTH-WG] Recent changes to Registration

Mon, 11 Feb 2013 13:11:27 -0800

As many of you saw, last week I published a draft of the OAuth Dynamic Client Registration spec [1] that made some fairly serious changes to how the protocol works. It was my intent to distill many threads of conversation here on the list into a full, workable protocol with a concrete document that we could discuss. I believe that what I published did that, but I certainly don't think that all of our work and discussion is done. It wasn't my intent to surprise people with the draft (apparently I really did!), nor was it my intent to simply dictate where the spec was going without any input from the working group.
So to move the discussion forward in a very deliberate fashion, I'm going to be starting a number of new threads for discussion on particular changes and components to this spec so that we can discuss things and decide as a working group what the best courses of action are. I'll lay out what the issues are, what -05 says today, what the options are as I see them, and we I think can go from there. The topics will be: 

 - JSON Encoding
 - Endpoint Definition (& operation parameter)
 - HAL _links structure and client self-URL
 - RESTful client lifecycle management
 - Client secret rotation


If you want to talk about the overall design and philosophy of the 
Registration document, just reply to this email.



Of course, all of these interrelate in various ways, and everything must 
be taken in the overall context, but I'm hoping that by splitting things 
up this way we can focus the conversations better. I welcome all 
constructive discussion, debate, and input. As an editor, I am 
particularly grateful for anyone who wants to provide actual text for 
inclusion in the document itself, and any pointers to implemented code 
for any of this.



The deadline for IETF86 is two weeks from now, and I want to have a 
version -06 or greater that incorporates all of the comments from these 
threads by then.


 -- Justin


[1] http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-05
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth






















					Reply via email to