[OAUTH-WG] I-D Action: draft-ietf-oauth-assertions-02.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol Working Group of the IETF. Title : OAuth 2.0 Assertion Profile Author(s) : Michael B. Jones

[OAUTH-WG] Updated Dynamic Registration draft --- FW: I-D Action: draft-hardjono-oauth-dynreg-03.txt

Folks, As I mentioned at the last IETF (via jabber), the dynreg draft is interested primarily in dynamic client registration (not discovery). As such I've done some house-cleaning on the dynreg draft, removing Section 5 that has some early discussion about discovery and using section 7.2 (now

Re: [OAUTH-WG] Updated Dynamic Registration draft --- FW: I-D Action: draft-hardjono-oauth-dynreg-03.txt

Thanks! This removes all my concerns about the charter. EH -Original Message- From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of Thomas Hardjono Sent: Thursday, April 26, 2012 11:25 AM To: oauth@ietf.org Subject: [OAUTH-WG] Updated Dynamic Registration draft

[OAUTH-WG] I-D Action: draft-ietf-oauth-saml2-bearer-11.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol Working Group of the IETF. Title : SAML 2.0 Bearer Assertion Profiles for OAuth 2.0 Author(s) : Chuck Mortimore

[OAUTH-WG] SAML 2.0 Bearer Assertion Profiles for OAuth 2.0 Draft -11 and OAuth 2.0 Assertion Profile Draft -02

Draft -11 of SAML 2.0 Bearer Assertion Profiles for OAuth 2.0 and draft -02 of OAuth 2.0 Assertion Profile have been published. The changes address comments raised during WGLC on the two documents that ended earlier this week. A summary of changes is included (with links to the comment in the mail

[OAUTH-WG] OAuth 2.0 JWT Bearer Token Profiles Specification Draft -04

Draft 04 of the OAuth 2.0 JWT Bearer Token Profiles Specificationhttp://tools.ietf.org/html/draft-jones-oauth-jwt-bearer has been published. This version tracks changes in the OAuth 2.0 Assertion Profilehttp://tools.ietf.org/html/draft-ietf-oauth-assertions and SAML 2.0 Bearer Assertion

Re: [OAUTH-WG] Shepherd review of draft-ietf-oauth-v2-threatmodel

Phil said... **However**  Editorially I feel strongly the comments fall outside the intended scope and purpose for this document. This document is about threats specifically related to the OAuth protocol.  It's intent is to go beyond security considerations to give implementers a feel

Re: [OAUTH-WG] Shepherd review of draft-ietf-oauth-v2-threatmodel

Oh, and sorry... threats document should be addressing that overselling problem[1], and if that means highlighting a few things that we think should be obvious, I'm in favour of it. ...I forgot to include the footnote. Barry [1] Note that I'm NOT saying that the WG is overselling OAuth, but