Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-dpop-06.txt

Thu, 03 Mar 2022 10:56:28 -0800 

FYI, I posted about this revision at https://self-issued.info/?p=2258 and 
https://twitter.com/selfissued/status/1499457532200308755.

                                                       -- Mike

From: OAuth <[email protected]> On Behalf Of Brian Campbell
Sent: Tuesday, March 1, 2022 1:14 PM
To: [email protected]
Subject: Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-dpop-06.txt

This -06 revisoun has a relatively small set of mostly editorial changes and a 
(hopefully) better name for the client metadata that was introduced in -05.


On Tue, Mar 1, 2022 at 1:38 PM 
<[email protected]<mailto:[email protected]>> wrote:

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol WG of the IETF.

        Title           : OAuth 2.0 Demonstrating Proof-of-Possession at the 
Application Layer (DPoP)
        Authors         : Daniel Fett
                          Brian Campbell
                          John Bradley
                          Torsten Lodderstedt
                          Michael Jones
                          David Waite
        Filename        : draft-ietf-oauth-dpop-06.txt
        Pages           : 42
        Date            : 2022-03-01

Abstract:
   This document describes a mechanism for sender-constraining OAuth 2.0
   tokens via a proof-of-possession mechanism on the application level.
   This mechanism allows for the detection of replay attacks with access
   and refresh tokens.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-dpop/

There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-oauth-dpop-06.html

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-dpop-06


Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts


_______________________________________________
OAuth mailing list
[email protected]<mailto:[email protected]>
https://www.ietf.org/mailman/listinfo/oauth

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged 
material for the sole use of the intended recipient(s). Any review, use, 
distribution or disclosure by others is strictly prohibited.  If you have 
received this communication in error, please notify the sender immediately by 
e-mail and delete the message and any file attachments from your computer. 
Thank you.

_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to