And thank you Hannes for all the guidance and being agreat collaborator on this!
And to the WG, chairs, and shepherds, we did somethinggood here. Thank you all
for the review,attention, time, and your help as well.
-bill
On Tuesday, September 1, 2015 9:04 AM, Torsten Lodderstedt
<[email protected]> wrote:
+1
Am 1. September 2015 17:44:12 MESZ, schrieb Mike Jones
<[email protected]>:
Congratulations, Bill!
-----Original Message-----
From: OAuth [mailto:[email protected]] On Behalf Of Phil Hunt
Sent: Tuesday, September 01, 2015 8:14 AM
To: Hannes Tschofenig
Cc: [email protected]
Subject: Re: [OAUTH-WG] Fwd: RFC 7628 on A Set of Simple Authentication and
Security Layer (SASL) Mechanisms for OAuth
+1 !
Phil
On Aug 31, 2015, at 23:24, Hannes Tschofenig <[email protected]> wrote:
FYI: Thanks to Bill for the hard work!
-------- Forwarded Message --------
Subject: RFC 7628 on A Set of Simple Authentication and Security Layer
(SASL) Mechanisms for OAuth
Date: Mon, 31 Aug 2015 21:56:17 -0700 (PDT)
From: [email protected]
Reply-To: [email protected]
To: [email protected],[email protected]
CC: [email protected], [email protected],
[email protected]
A new Request for Comments is now available in online RFC libraries.
RFC 7628
Title: A Set of Simple Authentication
and Security Layer (SASL) Mechanisms
for OAuth
Author: W. Mills, T. Showalter, H. Tschofenig
Status: Standards Track
Stream: IETF
Date: August 2015
Mailbox: [email protected],
[email protected],
[email protected]
Pages: 21
Characters: 46408
Updates/Obsoletes/SeeAlso: None
I-D Tag: draft-ietf-kitten-sasl-oauth-23.txt
URL:
https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fwww.rfc-editor.org%2finfo%2frfc7628&data=01%7c01%7cMichael.Jones%40microsoft.com%7c9f19ef0544aa4990d83f08d2b2dff4a3%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=J1hIDrCTw8Xi1hMvg3ZaZ1xvdEFhol3BqHt2q6u6VWg%3d
DOI:
https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fdx.doi.org%2f10.17487%2fRFC7628&data=01%7c01%7cMichael.Jones%40microsoft.com%7c9f19ef0544aa4990d83f08d2b2dff4a3%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=%2fQVXZSXwbGDS7YVQ446RDFuPUxHNoLLwedzfrx0xKUE%3d
OAuth enables a third-party application to obtain limited access to a
protected resource, either on behalf of a resource owner by
orchestrating an approval interaction or by allowing the third-party
application to obtain access on its own behalf.
This document defines how an application client uses credentials
obtained via OAuth over the Simple Authentication and SecurityLayer
(SASL) to access a protected resource at a resource server. Thereby,
it enables schemes defined within the OAuth framework for
non-HTTP-based application protocols.
Clients typically store the user's long-term credential. This does,
however, lead to significant security vulnerabilities, for example,
when such a credential leaks. A significant benefit of OAuth for
usage in those clients is that the password is replaced by a shared
secret with higher entropy, i.e., the token. Tokens typically provide
limited access rights and can be managed and revoked separately from
the user's long-term password.
This document is a product of the Common Authentication Technology
Next Generation Working Group of the IETF.
This is now a Proposed Standard.
STANDARDS TRACK: This document specifies an Internet Standards Track
protocol for the Internet community, andrequests discussion and
suggestions for improvements. Please refer to the current edition of
the Official Internet Protocol Standards
(https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fwww.
rfc-editor.org%2fstandards&data=01%7c01%7cMichael.Jones%40microsoft.com%7c9f19ef0544aa4990d83f08d2b2dff4a3%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=7JPZiamj4nhqHgthEPDIzgpqkvR%2fAA6bj4Ck5vijFPU%3d)
for the standardization state and status of this protocol. Distribution of
this memo is unlimited.
This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fwww.i
etf.org%2fmailman%2flistinfo%2fietf-announce&data=01%7c01%7cMichael.Jo
nes%40microsoft.com%7c9f19ef0544aa4990d83f08d2b2dff4a3%7c72f988bf86f14
1af91ab2d7cd011db47%7c1&sdata=aGciLH4fsxKJ6MUO%2fPp6BMj3JFJ37oTjdaSJ5t
WbEkg%3d
https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fmailm
an.rfc-editor.org%2fmailman%2flistinfo%2frfc-dist&data=01%7c01%7cMicha
el.Jones%40microsoft.com%7c9f19ef0544aa4990d83f08d2b2dff4a3%7c72f988bf
86f141af91ab2d7cd011db47%7c1&sdata=agec9juMh0Zzn1mrY6avpBrLPlFfCs8zsyx
8bSLgDdc%3d
For searching the RFC series, see
https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fwww.r
fc-editor.org%2fsearch&data=01%7c01%7cMichael.Jones%40microsoft.com%7c
9f19ef0544aa4990d83f08d2b2dff4a3%7c72f988bf86f141af91ab2d7cd011db47%7c
1&sdata=veVw3wrA9Wz6CWTUfVTLCKAdduFgUDkiaabcuqFyRxc%3d
For downloading RFCs, see
https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fwww.r
fc-editor.org%2frfc.html&data=01%7c01%7cMichael.Jones%40microsoft.com%
7c9f19ef0544aa4990d83f08d2b2dff4a3%7c72f988bf86f141af91ab2d7cd011db47%
7c1&sdata=93atgoSh8enZBPOxNfMophuutPvidnrfoMxOc0XmjS8%3d
Requests for special distribution should beaddressed to either the
author of the RFC in question, or to [email protected].
Unless specifically noted otherwise on the RFC itself, all RFCs are
for unlimited distribution.
The RFC Editor Team
Association Management Solutions, LLC
OAuth mailing list
[email protected]
https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fwww.i
etf.org%2fmailman%2flistinfo%2foauth&data=01%7c01%7cMichael.Jones%40mi
crosoft.com%7c9f19ef0544aa4990d83f08d2b2dff4a3%7c72f988bf86f141af91ab2
d7cd011db47%7c1&sdata=ILpgvSqnqwWhHs7BAm7xXpjoUdVRhJhB2G3m%2fTn%2b6gU%
3d
OAuth mailing list
[email protected]
https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fwww.ietf.org%2fmailman%2flistinfo%2foauth&data=01%7c01%7cMichael.Jones%40microsoft.com%7c9f19ef0544aa4990d83f08d2b2dff4a3%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=ILpgvSqnqwWhHs7BAm7xXpjoUdVRhJhB2G3m%2fTn%2b6gU%3d
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
