> -----Original Message----- > From: I-D-Announce <[email protected]> On Behalf Of > [email protected] > Sent: Monday, November 8, 2021 7:45 AM > To: [email protected] > Cc: [email protected] > Subject: [EXTERNAL] I-D Action: draft-ietf-regext-rdap-openid-08.txt > > Caution: This email originated from outside the organization. Do not click > links > or open attachments unless you recognize the sender and know the content > is safe. > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Registration Protocols Extensions WG of the > IETF. > > Title : Federated Authentication for the Registration Data > Access > Protocol (RDAP) using OpenID Connect > Author : Scott Hollenbeck > Filename : draft-ietf-regext-rdap-openid-08.txt > Pages : 25 > Date : 2021-11-08 > > Abstract: > The Registration Data Access Protocol (RDAP) provides "RESTful" web > services to retrieve registration metadata from domain name and > regional internet registries. RDAP allows a server to make access > control decisions based on client identity, and as such it includes > support for client identification features provided by the Hypertext > Transfer Protocol (HTTP). Identification methods that require > clients to obtain and manage credentials from every RDAP server > operator present management challenges for both clients and servers, > whereas a federated authentication system would make it easier to > operate and use RDAP without the need to maintain server-specific > client credentials. This document describes a federated > authentication system for RDAP based on OpenID Connect.
[SAH] Folks, this update includes some significant changes that were designed to align the specification more closely with both OpenID Connect and the web services architecture. For example, the ID of the query requestor can now be sent to the server in an HTTP authorization header OR a query parameter. The token management bits were also changed to include a refresh token in the /tokens response. Thanks to Mario Loffredo for the suggestions included in this update. Mario had some other suggestions that I haven't yet implemented. I encouraged him to share them with the list so we could have a broader discussion. Mario, please start that discussion at your convenience. Direct link to diff: https://www.ietf.org/rfcdiff?url2=draft-ietf-regext-rdap-openid-08 Scott _______________________________________________ regext mailing list [email protected] https://www.ietf.org/mailman/listinfo/regext
