> -----Original Message----- > From: I-D-Announce <[email protected]> On Behalf Of internet- > [email protected] > Sent: Monday, October 17, 2022 9:02 AM > To: [email protected] > Cc: [email protected] > Subject: [EXTERNAL] I-D Action: draft-ietf-regext-rdap-openid-18.txt > > Caution: This email originated from outside the organization. Do not click > links > or open attachments unless you recognize the sender and know the content is > safe. > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Registration Protocols Extensions WG of the > IETF. > > Title : Federated Authentication for the Registration Data > Access > Protocol (RDAP) using OpenID Connect > Author : Scott Hollenbeck > Filename : draft-ietf-regext-rdap-openid-18.txt > Pages : 42 > Date : 2022-10-17 > > Abstract: > The Registration Data Access Protocol (RDAP) provides "RESTful" web > services to retrieve registration metadata from domain name and > regional internet registries. RDAP allows a server to make access > control decisions based on client identity, and as such it includes > support for client identification features provided by the Hypertext > Transfer Protocol (HTTP). Identification methods that require > clients to obtain and manage credentials from every RDAP server > operator present management challenges for both clients and servers, > whereas a federated authentication system would make it easier to > operate and use RDAP without the need to maintain server-specific > client credentials. This document describes a federated > authentication system for RDAP based on OpenID Connect.
[SAH] This update addresses most of the feedback received during the recent WG last call. There are still a few open issues for which I'm hoping to see WG discussion: 1. How do we address web service clients? 2. Are there any security concerns associated with return of the "userID", "iss", and "userClaims" members of the "farv1_session" data structure? 3. Anything else I might have inadvertently missed. Scott _______________________________________________ regext mailing list [email protected] https://www.ietf.org/mailman/listinfo/regext
