Hi Hannes, Has there been any updates to draft-ietf-oauth-pop-key-distribution? I could not find any updated document.
Best regards //Samuel On Fri, Jul 20, 2018 at 7:46 PM, Hannes Tschofenig < [email protected]> wrote: > Hi all, > > > > after several discussions we believe that we now have a proposal for > moving forward on this topic. > > We plan to update the expired draft <draft-ietf-oauth-pop-key-distribution-03> > and > > (1) remove the audience parameter and replace it with a > separately-specified resource parameter, > > (2) remove the alg parameter, > > (3) update the procedures for requesting and obtaining keying material, > > (4) Synchronize with the ACE and WebRTC work to make sure that their use > cases are appropriately covered. > > > > Regarding (1): The meeting participants have decided to standardize an > audience-alike parameter (in the form of a requested resource identifier) > at this weeks IETF OAuth meeting. For that purpose, working group adoption > of draft-campbell-oauth-resource-indicators is under way. Only a > reference to that document will be needed. > > > > Regarding (2): Removal of the alg parameter will simplify the document and > does not appear to be necessary for the currently investigated use cases. > This assumption will have to be verified. > > > > Regarding (3): Currently, the ACE-OAuth document and the > <draft-ietf-oauth-pop-key-distribution-03> use different parameter names. > Furthermore, those parameter names may be in conflict with other, already > standardized parameter names. Hence, some parameters may need to be > renamed. The plan is to focus on the following, minimal functionality only: > server-side symmetric key generation and client-side public key > registration to the AS. Furthermore, the encoding of the key transport will > have to take the different token formats and protocols into account. > > > > This approach will allow the ACE and WebRTC work to reference the generic > PoP key distribution document without having to specify their own duplicate > functionality. > > > > We are planning to update <draft-ietf-oauth-pop-key-distribution-03> next > week to have something to review. > > > > Ciao > > Hannes & Rifaat > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. > > _______________________________________________ > Ace mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ace > >
_______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
