I’d replace MAC with Bearer From: William Mills [mailto:[email protected]] Sent: Tuesday, August 14, 2012 12:54 PM To: Mike Jones; Torsten Lodderstedt Cc: O Auth WG Subject: Re: [OAUTH-WG] OAuth 1.0a
Yeah, I still need 1.0a to work which I was hoping to replace with MAC. ________________________________ From: Mike Jones <[email protected]<mailto:[email protected]>> To: William Mills <[email protected]<mailto:[email protected]>>; Torsten Lodderstedt <[email protected]<mailto:[email protected]>> Cc: O Auth WG <[email protected]<mailto:[email protected]>> Sent: Tuesday, August 14, 2012 12:44 PM Subject: RE: [OAUTH-WG] OAuth 1.0a Agreed. Use Bearer now. If you have requirements that Bearer *can’t* meet, please use them as input to the working group’s future work. -- Mike From: Torsten Lodderstedt [mailto:[email protected]]<mailto:[mailto:[email protected]]> Sent: Tuesday, August 14, 2012 12:43 PM To: William Mills Cc: Mike Jones; O Auth WG Subject: Re: [OAUTH-WG] OAuth 1.0a Hi Bill, do you need to specify this aspect of your SASL profile now? Why don't you wait for the group to complete the work on signing/HoK? You could also contribute your use cases to drive the discussion. best regards, Torsten. Am 14.08.2012 21:37, schrieb William Mills: It's for the OAUTH SASL spec. I've been writing it with the idea that OAuth 1.0a would work (since I think we'll have extant 1.0a typ[e tokens we want to allow for IMAP), but several folks were saying when this all started that 1.0a was dead and I should not refer to it. I want to make sure the SASL mechanism is build to properly handle signed auth schemes and not just bearer (cookie) type. -bill ________________________________ From: Mike Jones <[email protected]><mailto:[email protected]> To: William Mills <[email protected]><mailto:[email protected]>; O Auth WG <[email protected]><mailto:[email protected]> Sent: Tuesday, August 14, 2012 12:28 PM Subject: RE: [OAUTH-WG] OAuth 1.0a What problem are you trying to solve? From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of William Mills Sent: Tuesday, August 14, 2012 12:22 PM To: O Auth WG Subject: [OAUTH-WG] OAuth 1.0a What's the general opinion on 1.0a? Am I stepping in something if I refer to it in another draft? I want to reference an auth scheme that uses signing and now MAC is apparently going back to the drawing board, so I'm thinking about using 1.0a. Thanks, -bill _______________________________________________ OAuth mailing list [email protected]<mailto:[email protected]> https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
