Re: [OAUTH-WG] carrying oauth authorisation without HTTP

Wed, 29 Apr 2020 09:55:17 -0700 

There is also https://tools.ietf.org/html/rfc7628

> On 29 Apr 2020, at 17:45, Justin Richer <jric...@mit.edu> wrote:
> 
> It depends on what protocol you’re using on the socket connection between 
> the client (the home router) and the RS/AS. You’ll need :someplace: to put 
> the access token. RFC6750 and RFC8705 are explicitly about HTTP so you can’t 
> use them directly, but other work (like that done in the ACE group with 
> OSCORE) map the OAuth concepts to different underlying protocols.
> 
>  — Justin
> 
>> On Apr 28, 2020, at 10:13 PM, Daniel Migault <mglt....@gmail.com> wrote:
>> 
>> Hi,
>> 
>> I am completely new to oauth and would like to solicit the WG for advice.
>> 
>> We are working on the Home Router outsourcing a service in the homenet WG 
>> and we are wondering how oauth could be used to improve automation.
>> 
>> Our scenario is represented in the figure below:
>> 
>> 1.  The end user connected to the web interface of the Home Router  
>> 2. The Home Router redirects the End User to the service provider where the 
>> end user register for that service ( AS ).
>> 3. The AS providing an authorisation token carried to the RS via the Home 
>> Router to the RS.
>> 
>> The session between the Home router and the RS in our case is not using HTTP 
>> but is using TLS. We are wondering if there is a way to carry an 
>> authorisation token over a non HTTP session and if RFC8705 "OAuth 2.0 
>> Mutual-TLS Client Authentication and Certificate-Bound Access Tokens" heads 
>> in to this direction.
>> 
>> I am happy to hear any feed back or comments!
>> 
>> Yours,
>> Daniel
>> 
>> 
>>       HTTPS            +-----------+
>>    +------------------>|    AS     |<--------------+
>>    |                   |           |               |
>>    v                   +-----------+               v
>> +-------------+ HTTPS  +-----------+    TLS    +---------+
>> | User        |<------>|Home Router|<--------->|   RS    |
>> |(Web Browser)|        |           |           |         |
>> +-------------+        +-----------+           +---------+
>> 
>> -- 
>> Daniel Migault
>> Ericsson
>> 8400 boulevard Decarie
>> Montreal, QC   H4P 2N2
>> Canada
>> 
>> Phone: +1 514-452-2160
>> 
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
> 
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to