Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-v2-1-06.txt
I, too, would like to apologize for submitting this right before the meeting tomorrow! The good news is that none of the changes should be surprising, as this version incorporates all the feedback from the previous meeting in Vienna. There are only 15 minutes on the agenda tomorrow to cover this and my other draft, so it will mostly be a status update anyway. I'm looking forward to diving deeper into some new topics during the side meetings this week! Aaron On Sun, Jul 24, 2022 at 6:42 PM wrote: > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Web Authorization Protocol WG of the IETF. > > Title : The OAuth 2.1 Authorization Framework > Authors : Dick Hardt > Aaron Parecki > Torsten Lodderstedt > Filename: draft-ietf-oauth-v2-1-06.txt > Pages : 84 > Date: 2022-07-24 > > Abstract: >The OAuth 2.1 authorization framework enables a third-party >application to obtain limited access to a protected resource, either >on behalf of a resource owner by orchestrating an approval >interaction between the resource owner and an authorization service, >or by allowing the third-party application to obtain access on its >own behalf. This specification replaces and obsoletes the OAuth 2.0 >Authorization Framework described in RFC 6749. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-oauth-v2-1/ > > There is also an HTML version available at: > https://www.ietf.org/archive/id/draft-ietf-oauth-v2-1-06.html > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-v2-1-06 > > > Internet-Drafts are also available by rsync at rsync.ietf.org: > :internet-drafts > > > ___ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > ___ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
[OAUTH-WG] I-D Action: draft-ietf-oauth-v2-1-06.txt
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol WG of the IETF. Title : The OAuth 2.1 Authorization Framework Authors : Dick Hardt Aaron Parecki Torsten Lodderstedt Filename: draft-ietf-oauth-v2-1-06.txt Pages : 84 Date: 2022-07-24 Abstract: The OAuth 2.1 authorization framework enables a third-party application to obtain limited access to a protected resource, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and an authorization service, or by allowing the third-party application to obtain access on its own behalf. This specification replaces and obsoletes the OAuth 2.0 Authorization Framework described in RFC 6749. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-oauth-v2-1/ There is also an HTML version available at: https://www.ietf.org/archive/id/draft-ietf-oauth-v2-1-06.html A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-v2-1-06 Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts ___ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-step-up-authn-challenge-02.txt
No On Sun, Jul 24, 2022, 6:38 AM wrote: > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Web Authorization Protocol WG of the IETF. > > Title : OAuth 2.0 Step-up Authentication Challenge > Protocol > Authors : Vittorio Bertocci > Brian Campbell > Filename: draft-ietf-oauth-step-up-authn-challenge-02.txt > Pages : 13 > Date: 2022-07-24 > > Abstract: >It is not uncommon for resource servers to require different >authentication strengths or freshness according to the >characteristics of a request. This document introduces a mechanism >for a resource server to signal to a client that the authentication >event associated with the access token of the current request doesn't >meet its authentication requirements and specify how to meet them. >This document also codifies a mechanism for a client to request that >an authorization server achieve a specific authentication strength or >freshness when processing an authorization request. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-oauth-step-up-authn-challenge/ > > There is also an HTML version available at: > > https://www.ietf.org/archive/id/draft-ietf-oauth-step-up-authn-challenge-02.html > > A diff from the previous version is available at: > > https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-step-up-authn-challenge-02 > > > Internet-Drafts are also available by rsync at rsync.ietf.org: > :internet-drafts > > > ___ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > ___ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
[OAUTH-WG] Fwd: I-D Action: draft-ietf-oauth-step-up-authn-challenge-02.txt
I realize it isn't great etiquette to publish right before the meeting when the submission tool cut-off reopens. However, this revision only fixes some typos that were introduced in the prior revision and begins to fill out the acknowledgements section. So there are no material changes. -- Forwarded message - From: Date: Sun, Jul 24, 2022 at 5:38 AM Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-step-up-authn-challenge-02.txt To: Cc: A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol WG of the IETF. Title : OAuth 2.0 Step-up Authentication Challenge Protocol Authors : Vittorio Bertocci Brian Campbell Filename: draft-ietf-oauth-step-up-authn-challenge-02.txt Pages : 13 Date: 2022-07-24 Abstract: It is not uncommon for resource servers to require different authentication strengths or freshness according to the characteristics of a request. This document introduces a mechanism for a resource server to signal to a client that the authentication event associated with the access token of the current request doesn't meet its authentication requirements and specify how to meet them. This document also codifies a mechanism for a client to request that an authorization server achieve a specific authentication strength or freshness when processing an authorization request. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-oauth-step-up-authn-challenge/ There is also an HTML version available at: https://www.ietf.org/archive/id/draft-ietf-oauth-step-up-authn-challenge-02.html A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-step-up-authn-challenge-02 Internet-Drafts are also available by rsync at rsync.ietf.org: :internet-drafts ___ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth -- _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._ ___ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
[OAUTH-WG] I-D Action: draft-ietf-oauth-step-up-authn-challenge-02.txt
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol WG of the IETF. Title : OAuth 2.0 Step-up Authentication Challenge Protocol Authors : Vittorio Bertocci Brian Campbell Filename: draft-ietf-oauth-step-up-authn-challenge-02.txt Pages : 13 Date: 2022-07-24 Abstract: It is not uncommon for resource servers to require different authentication strengths or freshness according to the characteristics of a request. This document introduces a mechanism for a resource server to signal to a client that the authentication event associated with the access token of the current request doesn't meet its authentication requirements and specify how to meet them. This document also codifies a mechanism for a client to request that an authorization server achieve a specific authentication strength or freshness when processing an authorization request. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-oauth-step-up-authn-challenge/ There is also an HTML version available at: https://www.ietf.org/archive/id/draft-ietf-oauth-step-up-authn-challenge-02.html A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-step-up-authn-challenge-02 Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts ___ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth