What's needed would be (a) contracts servers that can talk to one another, (b) addition of pub-keys to some well known endpoints, and (c) some actual contracts with actual legal prose :-)
The contract server could be treated as a protected endpoint (e.g. at the AS), but since contract agreement is a 2-way handshake we may need to add some new message flows.

/thomas/

________________________________________
From: Aaron Parecki [aa...@parecki.com]
Sent: Wednesday, February 01, 2017 7:26 PM
To: Thomas Hardjono
Cc: oauth@ietf.org; oauth-cha...@ietf.org
Subject: Re: [OAUTH-WG] Decentralized OAuth2.0 -- FW: New Version Notification for draft-hardjono-oauth-decentralized-00.txt

The introduction sounds great, especially acknowledging the problems due to "the predominance of the web single sign-on model as the basis for the user interaction"... but is there a summary of what this actually describes? I see a lot of boilerplate text, and defining some new terms, but I don't actually know what I would implement after reading this.

----
Aaron Parecki
aaronparecki.com<http://aaronparecki.com>
@aaronpk<http://twitter.com/aaronpk>

On Wed, Feb 1, 2017 at 3:48 PM, Thomas Hardjono <hardj...@mit.edu> wrote:

Folks,

This may be of interest. It's forward-looking, I know.

Appreciate any comments on the draft.

Best.

/thomas/

________________________________________
From: internet-dra...@ietf.org [internet-dra...@ietf.org]
Sent: Wednesday, February 01, 2017 6:39 PM
To: Thomas Hardjono
Subject: New Version Notification for draft-hardjono-oauth-decentralized-00.txt

A new version of I-D, draft-hardjono-oauth-decentralized-00.txt has been successfully submitted by Thomas Hardjono and posted to the IETF repository.

Name: draft-hardjono-oauth-decentralized
Revision: 00
Title: Decentralized Service Architecture for OAuth2.0
Document date: 2017-02-01
Group: Individual Submission
Pages: 21
URL: https://www.ietf.org/internet-drafts/draft-hardjono-oauth-decentralized-00.txt
Status: https://datatracker.ietf.org/doc/draft-hardjono-oauth-decentralized/
Htmlized: https://tools.ietf.org/html/draft-hardjono-oauth-decentralized-00

Abstract:
This document proposes an alternative service architecture for user-centric control of the sharing of resources, such as personal data, using the decentralized peer-to-peer computing paradigm. The term 'control' is used here to denote the full capacity of the user to freely select (i) the entities with whom to share resources (e.g. data), and (ii) the entities which provide services implementing user-controlled resource sharing. The peer-to-peer service architecture uses a set of computing nodes called OAuth2.0 Nodes (ON) that are part of a peer-to-peer network as the basis for the decentralized service architecture. Each OAuth2.0 Node is assumed to have the capability to provide AS-services, RS-services and Client-services.

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth