John’s assessment is correct and this is what we’ve tried to capture in the
privacy considerations section of the latest draft:
In general, the metadata for a client, such as the client name and
software identifier, are common across all instances of a piece of
client software and
-- Mike
*From:* OAuth [mailto:oauth-boun...@ietf.org] *On Behalf Of *Kathleen
Moriarty
*Sent:* Tuesday, February 24, 2015 3:08 PM
*To:* Hannes Tschofenig
*Cc:* oauth@ietf.org
*Subject:* Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg
Hello,
Thanks for updating the draft. I just want
Yes but it is authenticating the client to the AS as part of the resource
owners consent.
Ther eis a one to one mapping of resource owner to client in that case.
The client ID is no more identifying than the refresh token that maps to the RO
by design.
Yes the grant identifies the RO in
From: OAuth [mailto:oauth-boun...@ietf.org mailto:oauth-boun...@ietf.org]
On Behalf Of Kathleen Moriarty
Sent: Tuesday, February 24, 2015 3:08 PM
To: Hannes Tschofenig
Cc: oauth@ietf.org mailto:oauth@ietf.org
Subject: Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg
Hello,
Thanks
Not that I'm aware of.
-Original Message-
From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Bill Burke
Sent: Tuesday, February 24, 2015 3:59 PM
To: oauth@ietf.org
Subject: Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg
Is there plans to derive from any other parts of openid
@ietf.org
*Subject:* Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg
Hello,
Thanks for updating the draft. I just want to confirm that Hannes is
okay with the updated definitions and updates the shepherd report to
reflect that.
This is getting held up a bit while we sort through copyright of text
of it.
-- Mike
From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Kathleen Moriarty
Sent: Tuesday, February 24, 2015 3:08 PM
To: Hannes Tschofenig
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg
Hello,
Thanks for updating the draft. I just want to confirm
of it.
-- Mike
From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Kathleen Moriarty
Sent: Tuesday, February 24, 2015 3:08 PM
To: Hannes Tschofenig
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg
Hello,
Thanks for updating the draft. I just want to confirm that Hannes is okay
of it.
-- Mike
From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Kathleen Moriarty
Sent: Tuesday, February 24, 2015 3:08 PM
To: Hannes Tschofenig
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg
Hello,
Thanks for updating the draft. I just want to confirm
Hello,
Thanks for updating the draft. I just want to confirm that Hannes is okay
with the updated definitions and updates the shepherd report to reflect
that.
This is getting held up a bit while we sort through copyright of text from
UMA and OpenID. The text from UMA went into an IETF draft,
I’ll incorporate this feedback into another draft, to be posted by the end of
the week. Thanks everyone!
— Justin
On Feb 18, 2015, at 10:30 AM, Kathleen Moriarty
kathleen.moriarty.i...@gmail.com wrote:
On Wed, Feb 18, 2015 at 10:07 AM, John Bradley ve7...@ve7jtb.com
Hi Justin, Hi John,
I believe that provisioning a client with a unique id (which is what a
client id/client secret is) allows some form of linkability. While it
may be possible to associate the client to a specific user I could very
well imagine that the correlation between activities from a user
Kathleen == Kathleen Moriarty kathleen.moriarty.i...@gmail.com writes:
Kathleen registry, but setting HTTP Basic as the default seems like
Kathleen a really bad choice. HOBA is on it's way to becoming an
Kathleen RFC from the HTTPAuth working group. HTTPAuth also has an
Kathleen
On Wed, Feb 18, 2015 at 4:45 PM, Sam Hartman hartmans-i...@mit.edu wrote:
Kathleen == Kathleen Moriarty kathleen.moriarty.i...@gmail.com
writes:
Kathleen registry, but setting HTTP Basic as the default seems like
Kathleen a really bad choice. HOBA is on it's way to becoming an
Subject: Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg
Phil
@independentid
www.independentid.com
phil.h...@oracle.com
On Feb 11, 2015, at 8:31 PM, Justin Richer jric...@mit.edu wrote:
Kathleen, thanks for the review. Responses inline, though I'm going to
let the other authors
below...
From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Phil Hunt
Sent: Thursday, February 12, 2015 11:47 AM
To: Justin Richer
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg
Phil
@independentid
www.independentid.com
phil.h...@oracle.com
snip
On Feb 18, 2015, at 6:46 AM, Kathleen Moriarty
kathleen.moriarty.i...@gmail.com wrote:
The client_id *could* be short lived, but they usually aren't. I don't see
any particular logging or tracking concerns using a dynamic OAuth client
above using any other piece of software,
On Wed, Feb 18, 2015 at 10:07 AM, John Bradley ve7...@ve7jtb.com wrote:
snip
On Feb 18, 2015, at 6:46 AM, Kathleen Moriarty
kathleen.moriarty.i...@gmail.com wrote:
The client_id *could* be short lived, but they usually aren't. I don't
see any particular logging or tracking concerns using
Subject: Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg
Phil
@independentid
www.independentid.com
phil.h...@oracle.com
On Feb 11, 2015, at 8:31 PM, Justin Richer jric...@mit.edu wrote:
Kathleen, thanks for the review. Responses inline, though I'm going to let
the other authors talk
A few responses and comments are inline below...
From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Phil Hunt
Sent: Thursday, February 12, 2015 11:47 AM
To: Justin Richer
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg
Phil
@independentid
Phil
@independentid
www.independentid.com
phil.h...@oracle.com
On Feb 11, 2015, at 8:31 PM, Justin Richer jric...@mit.edu wrote:
Kathleen, thanks for the review. Responses inline, though I'm going to let
the other authors talk about their sections (deployment org, software
version, etc)
Thank you for your work on this draft and sorry for the delay in my
review. Before we progress to IETF last call, I'd like to see what we can
resolve from the list below. I am looking at the IPR issues to see if we
can resolve the outstanding questions as well.
The Shepherd report says the
Kathleen, thanks for the review. Responses inline, though I'm going to
let the other authors talk about their sections (deployment org,
software version, etc) directly.
On 2/11/2015 6:06 PM, Kathleen Moriarty wrote:
Thank you for your work on this draft and sorry for the delay in my
review.
23 matches
Mail list logo
