Just curious where this landed? Was it adopted by the WG? I'm ok with
adopting it. We will just need to be clear about the overlap with DPoP
and determine if guidance is necessary for when to use which method.
Thanks,
George
On 7/30/21 3:26 PM, Aaron Parecki wrote:
I support the adoption of this document, it seems like a good starting
point for defining the link between HTTP Signatures and OAuth.
Aaron
On Mon, Jul 19, 2021 at 7:18 AM Justin Richer <[email protected]
<mailto:[email protected]>> wrote:
Needless to say, but as the author of both this draft and the
draft that it would replace, I am in favor of adoption of this
document. There are still a lot of open questions to answer — such
as key introduction and management practices — and I think there
is a lot of power in the intersection of the OAuth and HTTPSig
spaces.
— Justin
On Jul 16, 2021, at 12:31 PM, Rifaat Shekh-Yusef
<[email protected] <mailto:[email protected]>> wrote:
All,
This is a call for adoption for the *OAuth Proof of Possession
Tokens with HTTP Message Signatures* draft as a WG document:
https://datatracker.ietf.org/doc/draft-richer-oauth-httpsig/
<https://datatracker.ietf.org/doc/draft-richer-oauth-httpsig/>
Please, provide your feedback on the mailing list *by July 30th*.
Regards,
Rifaat & Hannes
_______________________________________________
OAuth mailing list
[email protected] <mailto:[email protected]>
https://www.ietf.org/mailman/listinfo/oauth
<https://www.ietf.org/mailman/listinfo/oauth>
_______________________________________________
OAuth mailing list
[email protected] <mailto:[email protected]>
https://www.ietf.org/mailman/listinfo/oauth
<https://www.ietf.org/mailman/listinfo/oauth>
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
