Discussion:
[OAUTH-WG] I-D Action: draft-ietf-oauth-device-flow-05.txt
i***@ietf.org
2017-03-13 17:39:02 UTC
Permalink
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol of the IETF.

Title : OAuth 2.0 Device Flow for Browserless and Input Constrained Devices
Authors : William Denniss
John Bradley
Michael B. Jones
Hannes Tschofenig
Filename : draft-ietf-oauth-device-flow-05.txt
Pages : 15
Date : 2017-03-13

Abstract:
This OAuth 2.0 authorization flow for browserless and input
constrained devices, often referred to as the device flow, enables
OAuth clients to request user authorization from devices that have an
Internet connection, but don't have an easy input method (such as a
smart TV, media console, picture frame, or printer), or lack a
suitable browser for a more traditional OAuth flow. This
authorization flow instructs the user to perform the authorization
request on a secondary device, such as a smartphone. There is no
requirement for communication between the constrained device and the
user's secondary device.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-device-flow/

There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ietf-oauth-device-flow-05

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-device-flow-05


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
William Denniss
2017-03-13 18:44:00 UTC
Permalink
Version -05 addresses comments from the work group, includes normative
changes:

o response_type parameter removed from authorization request.
o Added option for clients to include the user_code on the
verification URI.
o Clarified token expiry, and other nits.


Thank you Roshni Chandrashekhar, Brian Campbell, James Manager, and Justin
Richer for your valuable feedback. Thank you to my co-author Mike Jones for
reviewing and correcting all changes that resulted, and for the quality
pass on the doc.
Post by i***@ietf.org
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol of the IETF.
Title : OAuth 2.0 Device Flow for Browserless and Input
Constrained Devices
Authors : William Denniss
John Bradley
Michael B. Jones
Hannes Tschofenig
Filename : draft-ietf-oauth-device-flow-05.txt
Pages : 15
Date : 2017-03-13
This OAuth 2.0 authorization flow for browserless and input
constrained devices, often referred to as the device flow, enables
OAuth clients to request user authorization from devices that have an
Internet connection, but don't have an easy input method (such as a
smart TV, media console, picture frame, or printer), or lack a
suitable browser for a more traditional OAuth flow. This
authorization flow instructs the user to perform the authorization
request on a secondary device, such as a smartphone. There is no
requirement for communication between the constrained device and the
user's secondary device.
https://datatracker.ietf.org/doc/draft-ietf-oauth-device-flow/
https://tools.ietf.org/html/draft-ietf-oauth-device-flow-05
https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-device-flow-05
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
OAuth mailing list
https://www.ietf.org/mailman/listinfo/oauth
Mike Jones
2017-03-13 23:22:11 UTC
Permalink
FYI, I blogged about this at http://self-issued.info/?p=1657 and as @selfissued<https://twitter.com/selfissued>.

-- Mike

From: William Denniss [mailto:***@google.com]
Sent: Monday, March 13, 2017 11:44 AM
To: ***@ietf.org; Justin Richer <***@mit.edu>; Brian Campbell <***@pingidentity.com>; Manger, James <***@team.telstra.com>; Mike Jones <***@microsoft.com>; Hannes Tschofenig <***@arm.com>; John Bradley <***@ve7jtb.com>
Subject: Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-device-flow-05.txt

Version -05 addresses comments from the work group, includes normative changes:


o response_type parameter removed from authorization request.

o Added option for clients to include the user_code on the

verification URI.

o Clarified token expiry, and other nits.


Thank you Roshni Chandrashekhar, Brian Campbell, James Manager, and Justin Richer for your valuable feedback. Thank you to my co-author Mike Jones for reviewing and correcting all changes that resulted, and for the quality pass on the doc.

On Mon, Mar 13, 2017 at 10:39 AM, <internet-***@ietf.org<mailto:internet-***@ietf.org>> wrote:

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol of the IETF.

Title : OAuth 2.0 Device Flow for Browserless and Input Constrained Devices
Authors : William Denniss
John Bradley
Michael B. Jones
Hannes Tschofenig
Filename : draft-ietf-oauth-device-flow-05.txt
Pages : 15
Date : 2017-03-13

Abstract:
This OAuth 2.0 authorization flow for browserless and input
constrained devices, often referred to as the device flow, enables
OAuth clients to request user authorization from devices that have an
Internet connection, but don't have an easy input method (such as a
smart TV, media console, picture frame, or printer), or lack a
suitable browser for a more traditional OAuth flow. This
authorization flow instructs the user to perform the authorization
request on a secondary device, such as a smartphone. There is no
requirement for communication between the constrained device and the
user's secondary device.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-device-flow/

There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ietf-oauth-device-flow-05

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-device-flow-05


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org<http://tools.ietf.org>.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
OAuth mailing list
***@ietf.org<mailto:***@ietf.org>
https://www.ietf.org/mailman/listinfo/oauth

Loading...