No, this is the the work formerly known as origin bound certificates & Channel ID. We need this to bind id_tokens and or access tokens to TLS sessions.
So it is an alternative TLS binding mechanism. We still need to describe how to use it with OAuth and JWT. It is a building block we can use for PoP. John B. > On Dec 5, 2014, at 10:48 PM, Phil Hunt <[email protected]> wrote: > > Doesn't that duplicate our current work? > > Phil > >> On Dec 5, 2014, at 11:17, Hannes Tschofenig <[email protected]> >> wrote: >> >> >> >> >> -------- Forwarded Message -------- >> Subject: [websec] unbearable - new mailing list to discuss better than >> bearer tokens... >> Date: Fri, 05 Dec 2014 16:43:19 +0000 >> From: Stephen Farrell <[email protected]> >> Reply-To: Stephen Farrell <[email protected]> >> To: [email protected] <[email protected]>, websec <[email protected]>, >> [email protected] <[email protected]>, [email protected] Group >> <[email protected]>, [email protected] <[email protected]> >> >> >> Hiya, >> >> Following up on the presentation at IETF-91 on this topic, [1] >> we've created a new list [2] for moving that along. The list >> description is: >> >> "This list is for discussion of proposals for doing better than bearer >> tokens (e.g. HTTP cookies, OAuth tokens etc.) for web applications. >> The specific goal is chartering a WG focused on preventing security >> token export and replay attacks." >> >> If you're interested please join in. >> >> Thanks to Vinod and Andrei for agreeing to admin the list. >> >> We'll kick off discussion in a few days when folks have had >> a chance to subscribe. >> >> Cheers, >> S. >> >> PS: Please don't reply-all to this, join the new list, wait >> a few days and then say what you need to say:-) >> >> [1] https://tools.ietf.org/agenda/91/slides/slides-91-uta-2.pdf >> [2] https://www.ietf.org/mailman/listinfo/unbearable >> >> _______________________________________________ >> websec mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/websec >> >> >> >> _______________________________________________ >> OAuth mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
