Re: [OAUTH-WG] carrying oauth authorisation without HTTP

2020-04-29 Thread Daniel Migault
Thanks for the feed back. I have the impression that in our case, SASL might not be viable as our primary communication is DNS over TLS. But that is good to know anyway. Yours, Daniel On Wed, Apr 29, 2020 at 12:54 PM Neil Madden wrote: > There is also https://tools.ietf.org/html/rfc7628 > > On

Re: [OAUTH-WG] carrying oauth authorisation without HTTP

2020-04-29 Thread Daniel Migault
Thanks for the feed back. So in our case the communication between the Home router and the RS is DNS over TLS, so no HTTP, CoAP. We do not have hard constraint over the protocol being used between the Home Router and the AS. Currently there is no such communication. One possible solution would be

Re: [OAUTH-WG] carrying oauth authorisation without HTTP

2020-04-29 Thread Neil Madden
There is also https://tools.ietf.org/html/rfc7628 > On 29 Apr 2020, at 17:45, Justin Richer wrote: > > It depends on what protocol you’re using on the socket connection between > the client (the home router) and the RS/AS. You’ll need :someplace: to put > the access token. RFC6750 and

Re: [OAUTH-WG] carrying oauth authorisation without HTTP

2020-04-29 Thread Justin Richer
It depends on what protocol you’re using on the socket connection between the client (the home router) and the RS/AS. You’ll need :someplace: to put the access token. RFC6750 and RFC8705 are explicitly about HTTP so you can’t use them directly, but other work (like that done in the ACE group

[OAUTH-WG] carrying oauth authorisation without HTTP

2020-04-28 Thread Daniel Migault
Hi, I am completely new to oauth and would like to solicit the WG for advice. We are working on the Home Router outsourcing a service in the homenet WG and we are wondering how oauth could be used to improve automation. Our scenario is represented in the figure below: 1. The end user