Doesn't that duplicate our current work? Phil
> On Dec 5, 2014, at 11:17, Hannes Tschofenig <[email protected]> wrote: > > > > > -------- Forwarded Message -------- > Subject: [websec] unbearable - new mailing list to discuss better than > bearer tokens... > Date: Fri, 05 Dec 2014 16:43:19 +0000 > From: Stephen Farrell <[email protected]> > Reply-To: Stephen Farrell <[email protected]> > To: [email protected] <[email protected]>, websec <[email protected]>, > [email protected] <[email protected]>, [email protected] Group > <[email protected]>, [email protected] <[email protected]> > > > Hiya, > > Following up on the presentation at IETF-91 on this topic, [1] > we've created a new list [2] for moving that along. The list > description is: > > "This list is for discussion of proposals for doing better than bearer > tokens (e.g. HTTP cookies, OAuth tokens etc.) for web applications. > The specific goal is chartering a WG focused on preventing security > token export and replay attacks." > > If you're interested please join in. > > Thanks to Vinod and Andrei for agreeing to admin the list. > > We'll kick off discussion in a few days when folks have had > a chance to subscribe. > > Cheers, > S. > > PS: Please don't reply-all to this, join the new list, wait > a few days and then say what you need to say:-) > > [1] https://tools.ietf.org/agenda/91/slides/slides-91-uta-2.pdf > [2] https://www.ietf.org/mailman/listinfo/unbearable > > _______________________________________________ > websec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/websec > > > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
