Not to be pedantic, but adding OAuth support is a mechanism in support of a goal. What's the end goal?
* Letting third party apps use the datatracker API? * Letting people sign in to other apps with a datatracker account? ---- Aaron Parecki aaronparecki.com On Sun, Aug 18, 2019 at 2:05 PM Salz, Rich <rs...@akamai.com> wrote: > > As I said at the start of the thread: I want to add OAUTH support to the > datatracker. > > > > From: Dick Hardt <dick.ha...@gmail.com> > Date: Sunday, August 18, 2019 at 4:47 PM > To: Rich Salz <rs...@akamai.com> > Cc: Hans Zandbelt <hans.zandb...@zmartzone.eu>, John Bradley > <ve7...@ve7jtb.com>, "oauth@ietf.org" <oauth@ietf.org> > Subject: Re: [OAUTH-WG] Info on how to implement a server > > > > What is the goal? > > > > On Sun, Aug 18, 2019 at 12:41 PM Salz, Rich <rs...@akamai.com> wrote: > > Thanks for the links, folks. I’m aware, and sorry for my sloppy terminology. > > > > Imagine a service where anyone with a valid identity is authorized. There are > many of these on the net. Collapsing authentication to authorization > (“everyone authenticated is authorized”) seems not unreasonable. > > > > But I don’t want to get distracted from my main goal. Thanks. > > > > From: Hans Zandbelt <hans.zandb...@zmartzone.eu> > Date: Saturday, August 17, 2019 at 2:34 PM > To: John Bradley <ve7...@ve7jtb.com> > Cc: "oauth@ietf.org" <oauth@ietf.org> > Subject: Re: [OAUTH-WG] Info on how to implement a server > > > > indeed OAuth != identity see https://oauth.net/articles/authentication/ > > > > Hans. > > > > On Sat, Aug 17, 2019 at 8:31 PM John Bradley <ve7...@ve7jtb.com> wrote: > > The openID Connect kind of OAuth server. > > OAuth on its own is not designed to be secure for identity federation. > > John B. > > On 8/17/2019 1:23 PM, Salz, Rich wrote: > > What’s the WG consensus (heh) on the best guide to adding OAUTH support to an > existing server so that it can act as an identity provider? Which version of > oauth is most widely deployed by relying parties these days? > > > > I want to add OAUTH support to the IETF datatracker. > > > > Thanks for any pointers. Replies to me will be summarized for the list. > > > > /r$ > > > > > > _______________________________________________ > > OAuth mailing list > > OAuth@ietf.org > > https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > > > -- > > hans.zandb...@zmartzone.eu > > ZmartZone IAM - www.zmartzone.eu > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
