Thanks for the reminder Eran. It's unclear to me how many people religiously read this list, but perhaps if you could provide some bullet points on work/changes that you expect to go on with the IETF list, that might help folks decide whether to make the jump and get involved over there.
It might also not be clear if there are any barriers (IP or otherwise) to participation in an IETF group over this one; perhaps you can also outline, briefly, what the lifecycle of an IETF spec for OAuth would look like. Thanks, Chris On Tue, Jan 27, 2009 at 11:24 AM, Eran Hammer-Lahav <[email protected]>wrote: > > If you are busy, please click here and subscribe: > https://www.ietf.org/mailman/listinfo/oauth > > I would like to remind people about the standardization effort we are > trying to kick-start in the IETF. In Nov we had a very successful BoF > session at the 73rd IETF meeting. OAuth received a very warm and > welcoming reception from members of the IETF community, and there was > wide consensus that addressing the problem of delegated authorization > is important and that OAuth represent the best and most promising > solution. > > The main focus of the IETF work is to tighten up the specification > (clarify language, reduce interoperability issues, add missing > elements such as error codes) and enhance its security to meet current > IETF security standards. Overall, this is all stuff we have been > talking about on this list for the past year. > > The reason for bringing this work to the IETF (over continuing it > here) is to increase the audience and reach of the protocol. While > many web companies are happy adopting an open community specification, > other more conservative companies (such as banks and government > agencies) tend to wait for an official standard from a recognized body > to adopt. I personally believe that support for OAuth in financial > services is vital and this seems like the more promising path to > achieve this goal. > > Now that we are all back from holidays and time off, we should resume > our effort on this. If you have not done so already, please go to: > > https://www.ietf.org/mailman/listinfo/oauth > > And subscribe to the list. At this point it is very low in traffic and > you can unsubscribe at any time. But it will guarantee you don't miss > out on the important upcoming step: creating a working group charter. > > The goal of the charter is to define the scope of the work being done, > and how it is worded can help later on in keeping the group focused. > The key question right now with regard to the charter is how it should > address changing the current OAuth Core 1.0 specification. How much > should the working group be allowed to break the spec in order to > accommodate the security and features the newer version needs to > include. > > Sam Hartman started this discussion <http://www.ietf.org/mail-archive/ > web/oauth/current/msg00005.html<http://www.ietf.org/mail-archive/web/oauth/current/msg00005.html>> > and it is very much still open and > far from conclusion. If you have an interest or a stake in how OAuth > might evolve, it is crucial that you spend a few minutes (today!) > subscribing to the list and catching up on the thread there (it is > short). > > EHL > > > > > > -- Chris Messina Citizen-Participant & Open Web Advocate-at-Large factoryjoe.com # diso-project.org citizenagency.com # vidoop.com This email is: [ ] bloggable [X] ask first [ ] private --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
