Re: Proposal for User Agent Augmented Authorization

2014-08-11 Thread Sam Penrose
Subject: Re: Proposal for User Agent Augmented Authorization - Original Message - From: Mike West mk...@google.com Hey Sam, this looks interesting indeed! Thanks for the very helpful comments. My main takeaway is that I have failed to communicate the use

Re: Proposal for User Agent Augmented Authorization

2014-08-07 Thread Marc Fawzi
- Original Message - From: Sam Penrose spenr...@mozilla.com To: Mike West mk...@google.com Cc: Webapps WG public-webapps@w3.org Sent: Wednesday, August 6, 2014 10:52:52 AM Subject: Re: Proposal for User Agent Augmented Authorization - Original Message - From

Re: Proposal for User Agent Augmented Authorization

2014-08-07 Thread Sam Penrose
WG public-webapps@w3.org Sent: Wednesday, August 6, 2014 10:52:52 AM Subject: Re: Proposal for User Agent Augmented Authorization - Original Message - From: Mike West mk...@google.com Hey Sam, this looks interesting indeed! Thanks for the very helpful

Proposal for User Agent Augmented Authorization

2014-08-06 Thread Sam Penrose
We think that users could be well served by providing simple ways for user agents and authentication protocols (specifically Oauth, we hope others) to support each other: https://github.com/SamPenrose/ua-augmented-auth Web apps suffer particularly due to non-http URIs and cookie segregation.

Re: Proposal for User Agent Augmented Authorization

2014-08-06 Thread Anne van Kesteren
On Wed, Aug 6, 2014 at 5:25 AM, Sam Penrose spenr...@mozilla.com wrote: Web apps suffer particularly due to non-http URIs and cookie segregation. We would like feedback on the specific APIs suggested, as well as the overall problem framing. Thank you for your consideration. One problem I

Re: Proposal for User Agent Augmented Authorization

2014-08-06 Thread Mike West
Hey Sam, this looks interesting indeed! It's not clear to me how this proposal interacts with the credential management proposal I sent out last week. Does the following more or less describe the integration you're thinking about, or have I completely misunderstood the proposal? ```

Re: Proposal for User Agent Augmented Authorization

2014-08-06 Thread Sam Penrose
- Original Message - From: Mike West mk...@google.com Hey Sam, this looks interesting indeed! Thanks for the very helpful comments. My main takeaway is that I have failed to communicate the use cases we are trying to solve. I really appreciate your getting down into the weeds of my

Re: Proposal for User Agent Augmented Authorization

2014-08-06 Thread Sam Penrose
From: Anne van Kesteren ann...@annevk.nl On Wed, Aug 6, 2014 at 5:25 AM, Sam Penrose spenr...@mozilla.com wrote: Web apps suffer particularly due to non-http URIs and cookie segregation. We would like feedback on the specific APIs suggested, as well as the overall problem framing. Thank

Re: Proposal for User Agent Augmented Authorization

2014-08-06 Thread Sam Penrose
was suggested here: https://github.com/SamPenrose/ua-augmented-auth/issues/1 - Original Message - From: Sam Penrose spenr...@mozilla.com To: Mike West mk...@google.com Cc: Webapps WG public-webapps@w3.org Sent: Wednesday, August 6, 2014 10:52:52 AM Subject: Re: Proposal for User Agent