Re: [OAUTH-WG] OAuth Discovery

Fri, 27 Nov 2015 19:58:46 -0800 

Can you elaborate on the advantage of having a separate parallel spec to OpenID 
Discovery? 


    On Wednesday, November 25, 2015 3:37 PM, Mike Jones 
<michael.jo...@microsoft.com> wrote:
 

  <!--#yiv2101860304 _filtered #yiv2101860304 {font-family:Wingdings;panose-1:5 
0 0 0 0 0 0 0 0 0;} _filtered #yiv2101860304 {font-family:"Cambria 
Math";panose-1:2 4 5 3 5 4 6 3 2 4;} _filtered #yiv2101860304 
{font-family:Calibri;panose-1:2 15 5 2 2 2 4 3 2 4;} _filtered #yiv2101860304 
{font-family:"Segoe UI";panose-1:2 11 5 2 4 2 4 2 2 3;}#yiv2101860304 
#yiv2101860304 p.yiv2101860304MsoNormal, #yiv2101860304 
li.yiv2101860304MsoNormal, #yiv2101860304 div.yiv2101860304MsoNormal 
{margin:0in;margin-bottom:.0001pt;font-size:11.0pt;font-family:"Calibri", 
sans-serif;}#yiv2101860304 a:link, #yiv2101860304 
span.yiv2101860304MsoHyperlink 
{color:#0563C1;text-decoration:underline;}#yiv2101860304 a:visited, 
#yiv2101860304 span.yiv2101860304MsoHyperlinkFollowed 
{color:#954F72;text-decoration:underline;}#yiv2101860304 pre 
{margin:0in;margin-bottom:.0001pt;font-size:12.0pt;font-family:"Courier 
New";}#yiv2101860304 p.yiv2101860304MsoListParagraph, #yiv2101860304 
li.yiv2101860304MsoListParagraph, #yiv2101860304 
div.yiv2101860304MsoListParagraph 
{margin-top:0in;margin-right:0in;margin-bottom:0in;margin-left:.5in;margin-bottom:.0001pt;font-size:11.0pt;font-family:"Calibri",
 sans-serif;}#yiv2101860304 span.yiv2101860304EmailStyle17 
{font-family:"Calibri", sans-serif;color:windowtext;}#yiv2101860304 
span.yiv2101860304HTMLPreformattedChar {font-family:"Courier 
New";}#yiv2101860304 span.yiv2101860304grey {}#yiv2101860304 
.yiv2101860304MsoChpDefault {} _filtered #yiv2101860304 {margin:1.0in 1.0in 
1.0in 1.0in;}#yiv2101860304 div.yiv2101860304WordSection1 {}#yiv2101860304 
_filtered #yiv2101860304 {} _filtered #yiv2101860304 {font-family:Symbol;} 
_filtered #yiv2101860304 {font-family:"Courier New";} _filtered #yiv2101860304 
{font-family:Wingdings;} _filtered #yiv2101860304 {font-family:Symbol;} 
_filtered #yiv2101860304 {font-family:"Courier New";} _filtered #yiv2101860304 
{font-family:Wingdings;} _filtered #yiv2101860304 {font-family:Symbol;} 
_filtered #yiv2101860304 {font-family:"Courier New";} _filtered #yiv2101860304 
{font-family:Wingdings;}#yiv2101860304 ol {margin-bottom:0in;}#yiv2101860304 ul 
{margin-bottom:0in;}-->I’m pleased to announce that Nat Sakimura, John Bradley, 
and I have created an OAuth 2.0 Discovery specification.  This fills a hole in 
the current OAuth specification set that is necessary to achieve 
interoperability.  Indeed, theInteroperability section of OAuth 2.0states: In 
addition, this specification leaves a few required components partially or 
fully undefined (e.g., client registration, authorization server capabilities, 
endpoint discovery).  Without these components, clients must be manually and 
specifically configured against a specific authorization server and resource 
server in order to interoperate.    This framework was designed with the clear 
expectation that future work will define prescriptive profiles and extensions 
necessary to achieve full web-scale interoperability.    This specification 
enables discovery of both endpoint locations and authorization server 
capabilities.    This specification is based upon the already widely 
deployedOpenID Connect Discovery 1.0 specification and is compatible with it, 
by design.  The OAuth Discovery spec removes the portions of OpenID Connect 
Discovery that are OpenID specific and adds metadata values for Revocation and 
Introspection endpoints.  It also maps OpenID concepts, such as OpenID 
Provider, Relying Party, End-User, and Issuer to their OAuth underpinnings, 
respectively Authorization Server, Client, Resource Owner, and the newly 
introduced Configuration Information Location.  Some identifiers with names 
that appear to be OpenID specific were retained for compatibility purposes; 
despite the reuse of these identifiers that appear to be OpenID specific, their 
usage in this specification is actually referring to general OAuth 2.0 features 
that are not specific to OpenID Connect.    The specification is available at: 
·        http://tools.ietf.org/html/draft-jones-oauth-discovery-00    An 
HTML-formatted version is also available at: ·        
http://self-issued.info/docs/draft-jones-oauth-discovery-00.html                
                                                    -- Mike    P.S.  This note 
was also posted at http://self-issued.info/?p=1496 and as @selfissued. 
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth


  
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to