Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT: Conference Bridge Details -- Correction!

bridge time; here is the corrected version >>>>>> > but the details are actually the same. >>>>>> > >>>>>> > Meeting Number: 702 442 101 >>>>>> > Meeting Password: oauth >>>>>> > >&

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT: Conference Bridge Details -- Correction!

--- >>>>> > To join the online meeting >>>>> > --- >>>>> > 1. Go to >>>>> > https://nsn.webex.com/nsn/j.php?ED=268691357&UID=0&a

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT: Conference Bridge Details -- Correction!

x0YGjSRaNyDJbqnmJ2i-xirziLGyc2bHNI8=&RT=MiMyNQ%3D%3D > >> -Original Message- >> From: oauth-boun...@ietf.org<mailto:oauth-boun...@ietf.org> >> [mailto:oauth-boun...@ietf.org] On Behalf >> Of ext Tschofenig, Hannes (NSN - FI/Espoo) >> Sent: Wednesday, August

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT: Conference Bridge Details -- Correction!

your name and email address. >>>> > 3. Enter the meeting password: oauth >>>> > 4. Click "Join Now". >>>> > >>>> > To view in other time zones or languages, please click the link: >>>> > https://n

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT: Conference Bridge Details -- Correction!

c2bHNI8=&RT=MiMyNQ%3D%3D > >> -Original Message- >> From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf >> Of ext Tschofenig, Hannes (NSN - FI/Espoo) >> Sent: Wednesday, August 21, 2013 6:35 PM >> To: oauth mailing list >> Su

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT: Conference Bridge Details -- Correction!

>> > Outlook), click this link: >> > https://nsn.webex.com/nsn/j.php?ED=268691357&UID=0&ICS=MRS3&LD=1&RD=2&ST=1&SHA2=KseMD/IKx0YGjSRaNyDJbqnmJ2i-xirziLGyc2bHNI8=&RT=MiMyNQ%3D%3D >> > >> >> -Original Message- >> >&g

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT: Conference Bridge Details -- Correction!

iginal Message- > From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of > Phil Hunt > Sent: Thursday, August 22, 2013 12:23 PM > To: Tschofenig, Hannes (NSN - FI/Espoo) > Cc: oauth mailing list > Subject: Re: [OAUTH-WG] Dynamic Client Registration Conference

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT: Conference Bridge Details -- Correction!

inal Message- >> From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf >> Of ext Tschofenig, Hannes (NSN - FI/Espoo) >> Sent: Wednesday, August 21, 2013 6:35 PM >> To: oauth mailing list >> Subject: [OAUTH-WG] Dynamic Client Registration Confere

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT: Conference Bridge Details -- Correction!

013 12:23 PM To: Tschofenig, Hannes (NSN - FI/Espoo) Cc: oauth mailing list Subject: Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT: Conference Bridge Details -- Correction! I have attached a PDF including some of my thoughts, concerns, and suggestions for the u

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT: Conference Bridge Details -- Correction!

that's it? -Original Message- From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of Phil Hunt Sent: Thursday, August 22, 2013 12:23 PM To: Tschofenig, Hannes (NSN - FI/Espoo) Cc: oauth mailing list Subject: Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 2

[OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT: Conference Bridge Details -- Correction!

=MiMyNQ%3D%3D > -Original Message- > From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf > Of ext Tschofenig, Hannes (NSN - FI/Espoo) > Sent: Wednesday, August 21, 2013 6:35 PM > To: oauth mailing list > Subject: [OAUTH-WG] Dynamic Client Registration Conference Ca

[OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT: Conference Bridge Details

Here is the conference bridge and Webex information. >From an agenda point of view I guess we should start at a basic level, namely >with what we have already in the dynamic client registration document (and >folks may have actually missed it). There are two use cases described in the >WG docu

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT

: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT Hi Phil, Using dyn-reg-14 vocabulary: the BB+ `registration_jwt` is an "initial access token" that's used to perform a "Protected Registration" (see B.2<http://tools.ietf.org/html/draft-ie

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT

The registration_jwt captures many of the same things that the proposed "software statement" does, and it's presented as an initial access token. The Provider then parses this token and uses the BB+ Discovery system to validate the token against the Registry that issued it. This is what we talk

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT

Hi Phil, Using dyn-reg-14 vocabulary: the BB+ `registration_jwt` is an "initial access token" that's used to perform a "Protected Registration" (see B.2of dyn-reg-14). Does this make sense? (Happy to provide more detail if it

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT

Josh, I think BlueButton is an important example of use. Tell us more about registration_jwt (which is not part of dyn reg). Phil @independentid www.independentid.com phil.h...@oracle.com On 2013-08-20, at 8:30 AM, Josh Mandel wrote: > The group may be interested in bits of the followi

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT

The group may be interested in bits of the following classification that we put together for BlueButton+: http://blue-button.github.io/blue-button-plus-pull/#client-types Here, we classified apps according to 1. whether they can protect a `client_secret` and 2. whether they can protect a `regist

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT

By taxonomy i mean the distinct types of clients and associations. Eg - javascript - native app - web app - apps that associate to one endpoint vs those the register with multiple based on events - perm vs temporary associations There are probably more. As Torsten mentions one of the most im

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT

Hi Phil, > I think we should start by reviewing use cases taxonomy. What do you mean by "use cases taxonomy"? What exactly would we discuss under that item? > > Then a discussion on any client_id assumptions and actual requirements > for each client case. Why is registration needed for each

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT

From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf > Of ext Eve Maler > Sent: Tuesday, August 20, 2013 1:33 AM > To: Justin Richer > Cc: oauth mailing list > Subject: Re: [OAUTH-WG] Dynamic Client Registration Conference Call: > Thu 22 Aug, 2pm PDT > > H

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT

t;>>>>> >>>>>>>> I recall more than one in the re-chartering discussion said dyn reg >>>>> needed major changes to solve their use cases. >>>>>>>> >>>>>>>> Phil >>>>>>>>

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT

;>>>>> Phil >>>>>>> >>>>>>> On 2013-08-19, at 8:18, Justin Richer wrote: >>>>>>> >>>>>>>> Tony, I completely disagree. The proposals that I've seen have >>>> different means and di

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT

;ve seen have >>> different means and different end states, and they make different >>> assumptions about the relationship between entities and the >>> capabilities of all players. >>>>>>> >>>>>>> -- Justin >>>>>>> >

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT

players. >>>>>> >>>>>> -- Justin >>>>>> >>>>>> On 08/19/2013 11:15 AM, Anthony Nadalin wrote: >>>>>>> There are proposals out there that are trying to solve the same >> problem, but in different ways,

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT

t use cases. I do think that we need to make sure that >whatever proposal we select it needs to have a wide range of use cases >it solves, not just a single use case as the more solutions this group >produces the more confused folks will be >>>>>> >>>>>&g

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT

gt;>> different use cases. I do think that we need to make sure that whatever >>>>> proposal we select it needs to have a wide range of use cases it solves, >>>>> not just a single use case as the more solutions this group produces the >>>>> more confus

Re: [OAUTH-WG] Dynamic Client Registration Conference Call: Thu 22 Aug, 2pm PDT

;>> >>>> -----Original Message- >>>> From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of >>>> Justin Richer >>>> Sent: Monday, August 19, 2013 7:27 AM >>>> To: Phil Hunt >>>> Cc: oauth mailin