[OAUTH-WG] OAuth 2.0 and Access Control Lists (ACL)
Melvin Carvalho <melvincarvalho@gmail.com> Sun, 18 December 2011 17:05 UTC
Return-Path: <melvincarvalho@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C086521F8511 for <oauth@ietfa.amsl.com>; Sun, 18 Dec 2011 09:05:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.999
X-Spam-Level:
X-Spam-Status: No, score=-0.999 tagged_above=-999 required=5 tests=[BAYES_50=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c8iCeeWvNcUw for <oauth@ietfa.amsl.com>; Sun, 18 Dec 2011 09:05:43 -0800 (PST)
Received: from mail-vw0-f44.google.com (mail-vw0-f44.google.com [209.85.212.44]) by ietfa.amsl.com (Postfix) with ESMTP id 2A06921F850E for <oauth@ietf.org>; Sun, 18 Dec 2011 09:05:43 -0800 (PST)
Received: by vbbfo1 with SMTP id fo1so2722268vbb.31 for <oauth@ietf.org>; Sun, 18 Dec 2011 09:05:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; bh=pBkGcN7z0ksDfjGMm6foiEU+QsqVx/miZiSc0CwgO/A=; b=MGZKcngG6Xgxhny8nR4rakguWqhJAINYE/LrHrkOpUIY/ZLfkWdD8cb5OOWAgOzzII gr5g2uJbINLMb5sgdL6jl0HCEMiaNVJJth1LcSGyK2N9YsOPH3vVRBdpVvjrS10h4cLg I+lKoBzX/JnnE2sDVMpqavbVXtylMa+Rpq7Lk=
MIME-Version: 1.0
Received: by 10.52.94.148 with SMTP id dc20mr9845687vdb.109.1324227942650; Sun, 18 Dec 2011 09:05:42 -0800 (PST)
Received: by 10.52.34.6 with HTTP; Sun, 18 Dec 2011 09:05:42 -0800 (PST)
Date: Sun, 18 Dec 2011 18:05:42 +0100
Message-ID: <CAKaEYh+WRAnq9VXVn_FWUrHGNNSUS=aUompeXefVWGsQ-yiTLQ@mail.gmail.com>
From: Melvin Carvalho <melvincarvalho@gmail.com>
To: oauth@ietf.org
Content-Type: text/plain; charset="ISO-8859-1"
Subject: [OAUTH-WG] OAuth 2.0 and Access Control Lists (ACL)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Dec 2011 17:09:18 -0000
Quick question. I was wondering if OAuth 2.0 can work with access control lists. For example there is a protected resource (e.g. a photo), and I want to set it up so that a two or more users (for example a group of friends) U1, U2 ... Un will be able to access it after authenticating. Is this kind of flow possibly with OAuth 2.0, and if so whose responsibility is it to maintain the list of agents than can access the resource?
- Re: [OAUTH-WG] OAuth 2.0 and Access Control Lists… William Mills
- Re: [OAUTH-WG] OAuth 2.0 and Access Control Lists… George Fletcher
- [OAUTH-WG] OAuth 2.0 and Access Control Lists (AC… Melvin Carvalho
- Re: [OAUTH-WG] OAuth 2.0 and Access Control Lists… Doug Tangren
- Re: [OAUTH-WG] OAuth 2.0 and Access Control Lists… Blaine Cook
- Re: [OAUTH-WG] OAuth 2.0 and Access Control Lists… Zeltsan, Zachary (Zachary)
- Re: [OAUTH-WG] OAuth 2.0 and Access Control Lists… Eve Maler