No-brainer, low-hanging-fruit: 2) Token Revocation 8) User Experience Extension
Don't see the point, but simple enough not to care if plenty of others want to see it included: 4) Client Instance Extension 5) XML Encoding 9) Request by Reference Now for the objectionable... 1) Dynamic Client Registration Protocol This is premature standardization and must be deferred until we have enough real world experience and real world requirements. Since we don't have enough interoperable web protocols (e.g. sharing photos), there is little need for dynamic client registration at this point. Doing this wrong would be extremely costly. We have tried this multiple times with OAuth 1.0 and failed because there was no one at the table shipping real-world products that needed this functionality. 3) UMA This is big enough, and complex enough, for its own working group and list (which I thought it already had elsewhere). Does not belong here. It is a layer above OAuth, not part of it. 6) JSON Web Token 7) JSON Web Token (JWT) Bearer Profile This is big enough for its own working group and list. It also overlaps with the new JSON signature working group recently created. 10) Simple Web Discovery First, this clearly does not belong here. This is a classic Application area item, and should really be raised in the application area general WG. I'd also point out that the IESG has recently approved the publication of host-meta as a proposed standard and the latest version includes a JSON flavor which makes this work redundant. EHL > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf > Of Hannes Tschofenig > Sent: Wednesday, October 19, 2011 10:09 PM > To: OAuth WG > Subject: [OAUTH-WG] Rechartering > > Hi all, > > in preparation of the upcoming IETF meeting Barry and I would like to start a > re-chartering discussion. We both are currently attending the Internet > Identity Workshop and so we had the chance to solicit input from the > participants. This should serve as a discussion starter. > > Potential future OAuth charter items (in random order): > > ---------------- > > 1) Dynamic Client Registration Protocol > > Available document: > http://datatracker.ietf.org/doc/draft-hardjono-oauth-dynreg/ > > 2) Token Revocation > > Available document: > http://datatracker.ietf.org/doc/draft-lodderstedt-oauth-revocation/ > > 3) UMA > > Available document: > http://datatracker.ietf.org/doc/draft-hardjono-oauth-umacore/ > > 4) Client Instance Extension > > Available document: > http://tools.ietf.org/id/draft-richer-oauth-instance-00.txt > > 5) XML Encoding > > Available document: > http://tools.ietf.org/id/draft-richer-oauth-xml-00.txt > > 6) JSON Web Token > > Available document: > http://tools.ietf.org/html/draft-jones-json-web-token-05 > > 7) JSON Web Token (JWT) Bearer Profile > > Available document: > http://tools.ietf.org/html/draft-jones-oauth-jwt-bearer-00 > > 8) User Experience Extension > > Available document: > http://tools.ietf.org/html/draft-recordon-oauth-v2-ux-00 > > 9) Request by Reference > > Available document: > http://tools.ietf.org/html/draft-sakimura-oauth-requrl-00 > > 10) Simple Web Discovery > > Available document: > http://tools.ietf.org/html/draft-jones-simple-web-discovery-00 > > ---------------- > > We have the following questions: > > a) Are you interested in any of the above-listed items? (as a reviewer, co- > author, implementer, or someone who would like to deploy). It is also useful > to know if you think that we shouldn't work on a specific item. > > b) Are there other items you would like to see the group working on? > > Note: In case your document is expired please re-submit it. > > Ciao > Hannes & Barry > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
