[WG-UMA] OAuth 2.0 and the Road to Hell

Salvatore D'Agostino sal at idmachines.com
Sat Jul 28 14:43:51 EDT 2012


John,

 

Glad to hear the good with the bad.

 

Thanks,

Sal

 

From: John Bradley [mailto:ve7jtb at ve7jtb.com] 
Sent: Saturday, July 28, 2012 1:00 PM
To: Salvatore D'Agostino
Cc: 'Eve Maler'; 'Alam'; 'UMA WG WG'
Subject: Re: [WG-UMA] OAuth 2.0 and the Road to Hell

 

Get a grip people.  The sky is not falling.   Life is good.

 

The OAuth workgroup has been making excellent progress closing the open
issues.

 

We are now finishing the instructions for the RFC editor.  The spec has been
completed in the last several months since the chairs removed the editor's
ability to block progress.

 

I don't hink it would have been in UMA's interest to support only
confidential clients with only MAC tokens.   It is true that protocols using
OAuth 2 need to define there security models and profile the spec as UMA
has.   This is normal,  nothing has changed except that OAuth is making
progress again.

 

John B.

 

On 2012-07-28, at 9:45 AM, Salvatore D'Agostino wrote:





Hi Eve,

 

Been lurking and seen this all come to pass as well.

 

Assume that the bad part is that Eran is right and that OAuth 2 is less
likely the building block we looked to build on?

 

Regards,

 

Sal

 

From: wg-uma-bounces at kantarainitiative.org
[mailto:wg-uma-bounces at kantarainitiative.org] On Behalf Of Eve Maler
Sent: Friday, July 27, 2012 8:26 PM
To: Alam
Cc: UMA WG WG
Subject: Re: [WG-UMA] OAuth 2.0 and the Road to Hell

 

Sigh. This is an extraordinarily unhelpful blog post. Dick Hardt's comment
late in the thread captures some of the frustration around Eran's position
and actions...

 

            Eve

 

On 27 Jul 2012, at 8:44 AM, Alam <alamjan at gmail.com> wrote:






Hi All,

"They say the road to hell is paved with good intentions. Well, that's OAuth
2.0 <http://tools.ietf.org/html/draft-ietf-oauth-v2> . "  Eran Hammer
for more ...

http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell/

Cheers,
Alam
_______________________________________________
WG-UMA mailing list
WG-UMA at kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/wg-uma

 


Eve Maler                                  http://www.xmlgrrl.com/blog
+1 425 345 6756                         http://www.twitter.com/xmlgrrl





 

_______________________________________________
WG-UMA mailing list
WG-UMA at kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/wg-uma

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://kantarainitiative.org/pipermail/wg-uma/attachments/20120728/87622ab5/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6085 bytes
Desc: not available
Url : http://kantarainitiative.org/pipermail/wg-uma/attachments/20120728/87622ab5/attachment.bin 


More information about the WG-UMA mailing list