[OAUTH-WG] Re: [mailmaint] Re: Standardized OAuth 2.0 Scopes for Mail, Calendar, and Contact Access

Sun, 20 Jul 2025 14:45:53 -0700 

Sections 2.7 and 4.1 specify the concrete scopes and establish an IANA registry
for it.

https://www.ietf.org/archive/id/draft-ietf-mailmaint-oauth-public-01.html#name-interoperable-oauth-scopes-
[https://www.ietf.org/archive/id/draft-ietf-mailmaint-oauth-public-01.html#name-interoperable-oauth-scopes-]

Further replies about this subject to mailma...@ietf.org only, please.


Clinton Bunch wrote on 20.7.2025, 19:48:

> In passing, but a quick look this morning seemed to indicate that my draft was
> exactly what it didn't specify.
> 
> On 7/20/2025 09:27, Kenneth Murchison wrote:
> 
> > Hi Clinton,
> > 
> > I haven't had a chance to read your draft yet, but are you familiar with
> > https://datatracker.ietf.org/doc/draft-ietf-mailmaint-oauth-public/
> > [https://datatracker.ietf.org/doc/draft-ietf-mailmaint-oauth-public/]
> > 
> > On 7/20/25 12:27 AM, Clinton Bunch wrote:
> > 
> > > I submitted >>
> > > https://datatracker.ietf.org/doc/draft-bunch-groupware-scopes/
> > > [https://datatracker.ietf.org/doc/draft-bunch-groupware-scopes/]
> > > 
> > > This is a proposal of standard OAUTH2 scopes to support the loosely >>
> > > coupled world of mail, calendaring, and contacts servers and clients.
> > > 
> > > The current state is that every Authorization Server defines their >> own
> > > scopes for these groupware services, leading client developers to >> hard
> > > code these scopes, which, in practicality, limits them to >> supporting
> > > OAUTH2 authentication for only a dozen or so providers big >> enough to
> > > strong arm them into it.
> > > 
> > > This is the remaining barrier to wide spread deployment of OAUTH2 >>
> > > authentication for groupware services.  The other half of the >> problem,
> > > Client Registration, is solved by RFC 7591, OAuth 2.0 >> Dynamic Client
> > > Registration Protocol.
> > > 
> > > With these two pieces in place, Authorization Servers and clients can >>
> > > begin to implement this advanced authorization process.
> 
> --
> mailmaint mailing list -- mailma...@ietf.org [mailma...@ietf.org]
> To unsubscribe send an email to mailmaint-le...@ietf.org
> [mailmaint-le...@ietf.org]

--
Beonex GmbH
Taunusstein bei Wiesbaden, Germany
CEO / Geschäftsführer: Ben Bucksch
Handelsregister: Amtsgericht Wiesbaden, HRB 30065
_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org

Reply via email to