Hi all,
I put the info about the interim meeting on the WG Wiki page:
http://trac.tools.ietf.org/wg/oauth/trac/wiki/InterimMeeting
I hope that the ongoing travel problems will be solved soon. We will have an
OAuth WG session also at IETF#78. I will work with Eran on the remote
participation.
I will work with Eran on this issue.
Eliot Lear wrote:
Hannes,
Can we please ask impose on our hosts to provide a room that is
suitable for conference calls? I would be happy to assist with WebEx
arrangements.
Eliot
On 4/19/10 12:41 PM, Hannes Tschofenig wrote:
Hi all,
I put the info
This is a reminder of the OAuth interim meeting, which happens this
Thursday, 20th May. The meeting venue is at Yahoo 701 First Ave
Sunnyvale, CA 94089.
Here is the info:
http://trac.tools.ietf.org/wg/oauth/trac/wiki/InterimMeeting
Be advised to read the latest OAuth specification to benefit
Hi Dorothy,
interesting that you mention this. I had spoken with Blaine last week about the
IETF meeting planning and we also had a chat about the need to have a new
charter.
We will need to get feedback from the working group members about the scope
because the initially envisioned steps
Hi all,
please find the latest agenda at:
http://www.ietf.org/proceedings/78/agenda/oauth.txt
Make sure that you read to provide input during the meeting:
http://datatracker.ietf.org/doc/draft-ietf-oauth-v2/
Ciao
Hannes Blaine
___
OAuth mailing
Hi Torsten,
there is no problem with skipping a meeting. This is done in other working
groups as well.
Ciao
Hannes
On Oct 15, 2010, at 2:22 PM, Eliot Lear wrote:
On 10/15/10 1:13 PM, tors...@lodderstedt.net wrote:
What is the alternative from your point of view?
Continued use of
Hi David,
I believe that there is lot of other work in the IETF with relevance to OAuth.
For example, at this IETF meeting the topics of interest are:
* Web related working groups in the APPS area.
* Security area, including the recently created ABFAB working group (see
Hi all,
We will start our conversations about Oauth security on Monday, November 8,
1300-1500.
As a starting point I suggest to look at:
http://trac.tools.ietf.org/wg/oauth/trac/wiki/SecurityConsiderations
http://trac.tools.ietf.org/wg/oauth/trac/wiki/SignaturesWhy
Melnikov alexey.melni...@isode.com wrote:
Hannes Tschofenig wrote:
Hi all,
Based on the positive response at the last IETF meeting we decided to hold
another Oauth tutorial, namely on Monday, November 8,0900-1130
I am sorry Hannes, but having this tutorial during the Apps Area open
Hey Tim,
Earlier this year we had discussions around use cases but they did not lead
to more insight.
There is a document in the draft repository that talks about use cases,
namely
http://datatracker.ietf.org/doc/draft-zeltsan-oauth-use-cases/
But it had never gotten a lot of attention on the
I am obviously not too lucky with this meeting. Now the social event was
announced for Tuesday.
So, yet another try: Wednesday, 19:30 (after the IETF Operations and
Administration Plenary).
Room will be announced.
Ciao
Hannes
Begin forwarded message:
From: Hannes Tschofenig
Hi Justin,
I was planning to use the IETF meeting week (which is next week) to discuss the
re-chartering of the working group with our ADs. I got some feedback from the
group on what extensions are interesting for standardization.
Ciao
Hannes
On Nov 4, 2010, at 2:15 AM, Richer, Justin P.
Hi all,
please consider attending the following two meetings!
** OAuth Security Session **
• Date: Monday, 13:00-15:00
• Location: IAB breakout room (Jade 2)
• Contact: Hannes Tschofenig hannes.tschofe...@gmx.net
The security consideration section of OAuth 2.0 (draft
We will meet there in 13:00 (till 15:00).
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
The security session is today, and the tutorial is on Wednesday.
Details: http://www.ietf.org/registration/MeetingWiki/wiki/79bofs
On Nov 8, 2010, at 1:21 AM, Peter Saint-Andre wrote:
On 11/8/10 7:57 AM, Hannes Tschofenig wrote:
We will meet there in 13:00 (till 15:00).
Which day
Hi all,
at yesterday's security session we discussed ways on what to provide in the
security consideration for the OAuth specifications.
The plan was to have another session on Thursday, November 11th, starting at
18:10 at the IAB breakout room (Jade 2).
We plan to go out for dinner
, was your
thought that you would produce a separate security analysis document?
-Original Message-
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On
Behalf Of Torsten Lodderstedt
Sent: Sunday, November 07, 2010 3:04 PM
To: Hannes Tschofenig
Cc: ab...@ietf.org; r...@ietf.org
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
Hi all,
we have just submitted a request for a meeting slot at the IETF#80 meeting. So,
we will have an OAuth face-to-face meeting at the upcoming IETF in Prague.
Please let us know whether you would like to give a presentation at the working
group session.
At previous IETF meetings some
I was wondering whether there is some running code available as well?
On Jan 5, 2011, at 4:31 AM, Mike Jones wrote:
Draft -01 of the JSON Web Token (JWT) specification is now available. This
version incorporates the consensus decisions reached at the Internet Identity
Workshop. The
Hi all,
Mike had posted a mail about version -01 of the JSON Web Token document:
http://www.ietf.org/mail-archive/web/oauth/current/msg04912.html
The usage of JSON and security applied to it became crucial to the work in
OAuth.
As we start our re-chartering it would be logical to add it to
Hi all,
In preparing the charter text we need your feedback.
First, the new charter needs to include the two new items we had already
accepted, namely
* SAML 2.0 Bearer Assertion Grant Type Profile for OAuth 2.0
http://datatracker.ietf.org/doc/draft-ietf-oauth-saml2-bearer/
* The OAuth 2.0
Hi Eran,
Hi all,
I would like to start a working group last call on the base specification soon
and the writeup in Section 3.2 about the Client Assertion Credentials is,
unfortunately, not ready yet. Particularly the missing security discussion
scares me.
Hence, I would encourage someone
Hey all,
the work on version -12 of the OAuth specification has generated a lot
of discussion.
-12 certainly contains a number of changes; some editorial but also
normative changes.
I went through the mailing list to see what the level of support we have
for various design decisions.
I
Hi all,
Eran suggested to remove the 'OAuth2' HTTP Authentication Scheme
functionality from the specification in his mail from last month:
http://www.ietf.org/mail-archive/web/oauth/current/msg05026.html
The discussion got off topic pretty quickly with the discussion about
OAuth usage for
Hi all,
Eran suggested to remove the Client Assertion functionality from the
draft-ietf-oauth-v2 specification in his mail from last month:
http://www.ietf.org/mail-archive/web/oauth/current/msg05027.html
This lead to a heated discussion.
Going through the discussions I got the following
Hi all,
Eran suggested to remove the HTTP Basic Authentication functionality
from the specification in his mail from last month:
http://www.ietf.org/mail-archive/web/oauth/current/msg05028.html
Essentially, there are two ways to accomplish the same functionality,
namely (1) Request
implemented this feature, it's late in the cycle to remove, so I raise the
objection.
-Original Message-
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of
Hannes Tschofenig
Sent: Thursday, February 03, 2011 12:11 AM
To: oauth@ietf.org
Subject: [OAUTH-WG] Hum about
On 2/3/2011 5:00 PM, Eran Hammer-Lahav wrote:
Yes. I think automatic registration and other mechanisms for discovery and
obtaining credentials are going to be extremely useful. We're just not there
yet.
This issue does not only need to be related to automatic registration.
With respect to
Hi all,
while we are hopefully coming to an end with the main specification (and
the two other WG items) I need to put text for re-chartering together.
The entire process typically takes a little while because
* I need your feedback (hence this mail) of what you guys want to work on
* I have
Certainly right, Eran.
Torsten, submit the draft ASAP.
On 2/7/11 8:40 PM, Hammer-Lahav Hammer-Lahav e...@hueniverse.com wrote:
It would probably be helpful to do this work in public. If not via I-Ds (even
if very rough) than via github etc.
EHL
-Original Message-
From:
Hi Peter,
I have requested a slot already very early. My request is pending
scheduling.
Ciao
Hannes
On 2/11/11 1:14 AM, Peter Saint-Andre stpe...@stpeter.im wrote:
It seems that this group probably could have a productive meeting in
Prague. This is just a reminder that the deadline for
Hi all,
I asked for feedback regarding the removal of the client assertion credentials
earlier this month, see
http://www.ietf.org/mail-archive/web/oauth/current/msg05261.html
Unfortunately, the feedback did not lead to any new insight other than there
are three groups of people:
1) Those
Hey Axel, Hi Jeff,
looking at your post regarding the JWT implementation I was wondering about one
aspect: You are providing an implementation in Java, Python, PHP, and Ruby.
Why didn't you implement a sub-set of the CMS implementation for signing
instead? Maybe you could have used existing
...@ietf.org
Subject: OAUTH - Requested session has been scheduled for IETF 80
Dear Hannes Tschofenig,
The sessions that you have requested have been scheduled.
Below is the scheduled session information followed by
the information of sessions that you have requested.
OAUTH Session 1 (2.5 hours
This is a Last Call for comments on
http://www.ietf.org/id/draft-ietf-oauth-v2-13.txt
Please have your comments in no later than March 16.
Do remember to send a note in if you have read the document and have no
other comments other than its ready to go - we need those as much as we need
I
This is a Last Call for comments on
http://www.ietf.org/id/draft-ietf-oauth-v2-bearer-03.txt
Please have your comments in no later than March 25 (extended deadline because
of the ongoing OAuth base specification WGLC).
Do remember to send a note in if you have read the document and have no
Hi Mike,
Hi all,
As some of you had notice we do not vote.
Soliciting the feedback from the working group on this issue is, however, a
good idea.
Ciao
Hannes
On Mar 12, 2011, at 1:04 AM, Mike Jones wrote:
As you know, the OAuth 2.0 Bearer Token draft -03 established the OAuth
Errors
Hi all,
the IETF meeting in Prague is just around the corner and we need to put the
agenda for the face-to-face meeting together.
If you plan to give a presentation please drop us a mail ASAP.
Ciao
Hannes Blaine
___
OAuth mailing list
A reminder to send me your presentation request.
On Mar 14, 2011, at 9:13 AM, Hannes Tschofenig wrote:
Hi all,
the IETF meeting in Prague is just around the corner and we need to put the
agenda for the face-to-face meeting together.
If you plan to give a presentation please drop us
Open Authentication Protocol WG
==-
FRIDAY, April 1, 2011
Vienna/Madrid Room
Chairs: Hannes Tschofenig/Blaine Cook
Agenda
--
1) Agenda Bashing (Chairs)
2) Discussion of Working Group Last Call Comments (Chairs/Mike Jones)
http://datatracker.ietf.org/doc/draft
Here is the updated agenda.
Ciao
Hannes
PS: I don't see a problem with Mike presenting his discovery draft
(draft-jones-simple-web-discovery-00.txt).
-
Open Authentication Protocol WG
==-
FRIDAY, April 1, 2011
Vienna/Madrid Room
Chairs: Hannes Tschofenig
.txt
and also the
http://self-issued.info/docs/draft-jones-oauth-jwt-bearer-00.txt
-Original Message-
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of
Hannes Tschofenig
Sent: Thursday, March 17, 2011 11:29 AM
To: oauth@ietf.org
Subject: [OAUTH-WG] Agenda
Hi all,
the WGLC for the OAuth base specification has been completed and the authors
think that this document is ready for a WGLC as well.
Hence, let us start the last call for comments on
http://www.ietf.org/id/draft-ietf-oauth-saml2-bearer-03.txt
Please have your comments in no later than
On the security aspect: I will write a short text for the OAuth draft because
the longer writeup by Torsten/Mar/Phil is targeting a different scope. So, you
cannot just copy it.
On Mar 27, 2011, at 12:36 AM, Eran Hammer-Lahav wrote:
The security consideration section pending, this is the
That's what I thought was the plan.
(Assuming the working group agrees to work on a separate document. I would
support it.)
On Mar 27, 2011, at 10:03 AM, Eran Hammer-Lahav wrote:
So the new plan is for you to provide the text for the security section and
just publish their work as a
Hi Igor,
the writeup that Barry provided is not meant to be part of the OAuth core
draft. Instead, it explores the bigger OAuth security story.
We certainly do not have an endless amount of time at the face-to-face meeting.
So, Barry's presentation will be put at the end of the agenda and,
Hi all,
I am very happy that you got a proposal put together to quickly. Thanks for the
good writeup!
A few comments below.
---
2. Security Considerations
Note: This section focuses on the security principles implementors of
the protocol MUST consider. These
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
After a chat with Blaine we have an updated agenda proposal:
First, we need to cover our working group items:
–draft-ietf-oauth-v2
•Security Consideration Section (Torsten)
•Error Code registry (Mike)
•Client Assertion Credentials (Mike)
•Anything else?
–draft-ietf-oauth-v2-bearer
•Open issues?
Hi all,
we are planning to hold a 1-day interim meeting for the OAuth working group.
Date: 23rd May, 2011 (9am - 6pm)
Location: Mountain View, CA, US
Host: Tbd.
Agenda: Discussion of remaining open issues with the OAuth 2.0 specification,
and other working group items.
Ciao
Hannes Blaine
Hi guys,
Barry, Blaine and I compiled a short position paper for the upcoming W3C
identity in the browser workshop.
Here is the call for participation:
http://www.tschofenig.priv.at/svn/w3c-browser-identity/
Here is the position paper:
'? authentication?
On 4/27/11 11:06 AM, Hannes Tschofenig wrote:
Hi guys,
Barry, Blaine and I compiled a short position paper for the upcoming W3C
identity in the browser workshop.
Here is the call for participation:
http://www.tschofenig.priv.at/svn/w3c-browser-identity/
Here is the position
, Hannes Tschofenig wrote:
In some sense you are right. The problem is just that this is the name of
the group :-)
http://datatracker.ietf.org/wg/oauth/charter/
Maybe we should adjust the name with the rechartering process.
On Apr 27, 2011, at 6:17 PM, Paul Madsen wrote:
'Open Web
I did find it amusing that the paper defines bearer token as a 'cryptographic
approach'. I guess no crypto is in its way an approach :-).
Well. It uses TLS as the underlying primitive. As such, it is a cryptographic
mechanism.
I know that we have different views about the pros cons of the
On Apr 28, 2011, at 4:01 AM, Eran Hammer-Lahav wrote:
Nov 2011Prepare re-chartering
I would like this removed.
I would like to see this WG closed when this list is complete and if there is
further work with enough interest, a new working group can be created.
Hi Eran,
we already
I did a few minor updates; I believe Barry had missed a few comments in the
version he sent out earlier today.
Web Authorization Protocol Working Group
Description of Working Group
The Web Authorization (OAuth) protocol allows a user to grant
a third-party Web site or application
On May 9, 2011, at 10:04 PM, Eran Hammer-Lahav wrote:
I want to see this working group reach its end when this charter is
fulfilled. At that point, a new working group can be requested to work on
other items. The new working group can continue using this list which I
assume will remain
Breno did a review of the security draft.
Thanks a lot!
Begin forwarded message:
From: Breno de Medeiros br...@google.com
Date: May 7, 2011 4:25:53 AM GMT+03:00
To: Hannes Tschofenig hannes.tschofe...@gmx.net
Subject: Re: OAuth Security Consideration Text
Hi Hannes,
I have gone through
Hey all,
a number of you had signed up already for the interim meeting either at the
OAuth Wiki or at the Eventbrite page:
http://oauth-interim.eventbrite.com/
http://trac.tools.ietf.org/wg/oauth/trac/wiki/InterimMeetingAttendance
If you have not added your name to either one of these two
Meeting Minutes, OAuth Interim Meeting, 23rd May 2011
=
Scribe: Bill Mills (post-processing by Hannes Tschofenig)
Participants:
** in person **
- Hannes Tschofenig
- Jonas Hogberg
- Bill Mills
- Marius Scurtescu
- Andrew Wansley
- Breno
Just to let you know. I have requested a meeting slow for the upcoming IETF
meeting.
More details about the meeting can be found here:
http://www.ietf.org/meeting/81/index.html
If you have already some ideas what you would like to present, or try to
accomplish during the meeting please let us
I also never really understood why XRD was re-used.
Btw, XRD is not used by any of the current OAuth WG documents, see
http://datatracker.ietf.org/wg/oauth/
On Jun 22, 2011, at 8:08 AM, Mark Nottingham wrote:
* XRD -- XRD is an OASIS spec that's used by OpenID and OAuth. Maybe I'm just
Hi all,
it is time to think about the agenda for the IETF#81 meeting in Quebec City.
Since we are planning to complete the current working group documents our focus
will be on the working group items.
Please sent me a mail off-list whether you are able to present your document.
Here is a
Hi Eran,
http://oauth.net/grant_type/saml/2.0/bearer is definitely not a good idea since
a lookup would not return anything useful (most likely it will just fail).
Whenever there is something that can be looked up, it will be looked up .
I would create an IETF URN Sub-namespace, as
On Jul 9, 2011, at 7:40 PM, Hannes Tschofenig wrote:
Other grant types would then go in
urn:ietf:params:oauth:grant-type:saml2-holder-of-the-key
This sentence from my earlier mail could be misunderstood. To pick Mike's
example for the JWT assertion profile we would then register something
We had a discussion at the OAuth working group meeting about the worries people
have with using TLS.
Here is a relevant mail from a discussion around TCP crypt.
Begin forwarded message:
From: Eric Rescorla e...@rtfm.com
Date: July 28, 2011 10:53:00 AM EDT
To: tsv-a...@ietf.org
Subject:
That's correct. Murray is the liaison and he will provide the response of the
liaison to the OMA.
I am the liaison shepherd from the Internet Architecture Board.
On Jul 29, 2011, at 2:41 AM, SM wrote:
Hi Igor,
At 10:39 PM 7/20/2011, Igor Faynberg wrote:
the communication can emanate
Hi Eran,
I gave presentations to the security area directorate, and have asked for
review comments. Some of the folks (such as Tom Yu, and Shawn Emery) showed up
in the meetings and the side meetings and provided comments.
As Barry said, there will be more review comments flying in after the
Hi all,
I had a discussion with Mike and Julian to hear what to discuss the open issues
with the OAuth Bearer Token draft. Below is a short writeup of my impressions.
1. Error Description
The error description field provides information to the software developer and
is not meant to be shown
Hi Bob,
the question is only how to provide extensibility then. You are then
essentially forced to know, because of pre-arrangements, what the content of
the blob is going to be.
Is that also fine for you?
On Oct 14, 2011, at 7:04 PM, Bob Van Zant wrote:
I'm in favor of removing the auth
Hi Mike,
On Oct 14, 2011, at 6:42 PM, Mike Jones wrote:
2. Scope – I was planning to allow a broader set of ASCII characters than
the “token” set, as these characters are inadequate for the use of URIs/URLs
as scope elements. In particular, scope elements need to permit the full
sets
that scope values should be URIs.
My intent is to not preclude them from being so.
-- Mike
-Original Message-
From: Hannes Tschofenig [mailto:hannes.tschofe...@gmx.net]
Sent: Friday, October 14, 2011 11:27 AM
To: Mike Jones
Cc: Hannes Tschofenig
-
From: Julian Reschke [mailto:julian.resc...@gmx.de]
Sent: Sunday, October 16, 2011 11:00 AM
To: Mike Jones
Cc: Tschofenig, Hannes (NSN - FI/Espoo); Hannes Tschofenig; OAuth
WG; Eran Hammer-Lahav
Subject: Re: [OAUTH-WG] draft-ietf-oauth-v2-bearer-09: Open Issues
Proposed Resolutions
On 2011
Hi Mike,
based on our discussion I suggest to make the following minor editorial changes
to the specification. Let me provide specific text proposals.
I recommend to extend the abstract a little bit. The current text does not tell
the reader a lot and the RFC editor will require more text
Hi all,
in preparation of the upcoming IETF meeting Barry and I would like to start a
re-chartering discussion. We both are currently attending the Internet
Identity Workshop and so we had the chance to solicit input from the
participants. This should serve as a discussion starter.
Section 2 of draft-ietf-oauth-v2-bearer-10 describes three methods of sending
bearer access tokens in resource requests to resource servers, namely
1) Authorization Request Headers (described in Section 2.1)
2) Form-Encoded Body Parameter (described in Section 2.2)
3) URI Query Parameter
Julian checked the ABNF in draft-ietf-oauth-v2-bearer-10 using
http://trac.tools.ietf.org/wg/httpbis/trac/browser/abnfparser/bap and noticed
that we should replace with DQUOTE.
___
OAuth mailing list
OAuth@ietf.org
Certainly not everyone needs to pay attention to everything. We are, however,
trying to determine whether there is a critical mass of interested persons for
a given item in terms of reviews, document authors, implementers, and
deployers.
I do not see a problem at all with working on JWT
...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
Of Mike Jones
Sent: Thursday, October 20, 2011 12:12 PM
To: Hannes Tschofenig; OAuth WG
Subject: Re: [OAUTH-WG] Rechartering
Thanks, Hannes. Here's my prioritized list of new work:
1. JSON Web Token (JWT)
2. Simple Web Discovery (SWD
-- Mike
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of
Hannes Tschofenig
Sent: Thursday, October 20, 2011 12:40 PM
To: OAuth WG
Subject: [OAUTH-WG] draft-ietf-oauth-assertions-00
Hi all
this
version is ready for forwarding to the IESG for publication?
The document shepherd is Hannes Tschofenig. I have personally reviewed the
document and I think it is ready for going forward.
(1.b) Has the document had adequate review both from key WG members
and from key non
to the IESG. It
contains the following changes:
• Made non-normative editorial changes that Hannes Tschofenig requested
be applied prior to forwarding the specification to the IESG.
• Added rationale for the choice of the b64token syntax.
• Added rationale stating
for this document? Has the
Document Shepherd personally reviewed this version of the
document and, in particular, does he or she believe this
version is ready for forwarding to the IESG for publication?
The document shepherd is Hannes Tschofenig. I have personally
Hi all,
after a discussion with Stephen we decided that it would be useful to have
draft-ietf-oauth-v2-bearer-14 submitted during the blackout period so that we
have the most recent feedback incorporated already before the IETF meeting
starts.
Stephen will talk to the secretary to enable the
Hi all,
I read through this rather long mail thread again and see whether we are
reaching any conclusion on this discussion.
In turns out that there are actually two types of discussions that relate to
each other, namely the TLS version support and the token type.
Let me go back in time a
, Hannes Tschofenig wrote:
3) We want the ability for algorithm negotiation/discovery, at least up to a
certain degree. For example, it would would nice if a client talks to a
server and they both implement TLS 1.2 then they actually use it. The
requirement for crypto-agility fits in here
Hi all,
I know that a few of you have integrated OAuth into small devices, like picture
frames.
It would be great if you could share your experience about the utilized
security mechanisms with us.
Ciao
Hannes
Begin forwarded message:
From: Hannes Tschofenig hannes.tschofe...@gmx.net
I was planning to kick of a discussion next week with a strawman proposal for a
new charter text.
Ciao
Hannes
On Mar 7, 2012, at 8:36 PM, Thomas Hardjono wrote:
What is the status of the OAUTH WG re-charter efforts? The last thread was
back in October.
Will the re-charter be on the
Feedback appreciated!
Web Authorization Protocol WG
=
THURSDAY, March 29, 2012
1300-1500 Afternoon Session I
Room: 252A
Chairs: Hannes Tschofenig Derek Atkins
1. Agenda Bashing, WG Status
(+ Welcome Derek and Thank You Barry)
2. OAuth Threats Document (Torsten
So, here is a proposal:
---
Web Authorization Protocol (oauth)
Description of Working Group
The Web Authorization (OAuth) protocol allows a user to grant
a third-party Web site or application access to the user's protected
resources, without necessarily revealing their long-term
Hi Grant,
IMHO the main reason why the OAuth specification does not standardize OAuth
usage specially for SOAP is because most people by now realized that SOAP, as
another layer of encapsulation, does not add a lot of value.
Ciao
Hannes
On Mar 19, 2012, at 6:15 AM, Grant Yang wrote:
Thank
FYI: I mentioned to some of you that there is another OAuth related event
during this week.
-- Forwarded Message
From: Hui Deng denghu...@gmail.com
Date: Mon, 26 Mar 2012 19:28:50 +0200
To: MIF Mailing List m...@ietf.org, Internet Area int-a...@ietf.org, IETF
Discussion i...@ietf.org
Cc:
Hey guys,
Derek took notes during the meeting and I polished them a bit.
Have a look at them and let us know if there is something missing:
http://www.ietf.org/proceedings/83/minutes/minutes-83-oauth.txt
Ciao
Hannes Derek
___
OAuth mailing list
Hey guys
based on the discussion before, during, and after the Paris IETF meeting I am
going to send the following updated charter / milestones to the IESG.
Please have a quick look (till the end of the week) to double-check the content
(particularly the suggested milestone dates):
--
Hi all,
those who had attended the last IETF meeting may have noticed the ongoing
activity in the 'Applications Area Working Group' regarding Web Finger.
We had our discussion regarding Simple Web Discovery (SWD) as part of the
re-chartering process.
Here are the two specifications:
Hi all,
at the IETF#83 OAuth working group meeting we had some confusion about the
Dynamic Client Registration and the Simple Web Discovery item. I just listened
to the audio recording again.
With the ongoing mailing list discussion regarding WebFinger vs. Simple Web
Discovery I hope that
and this WG has enough other work to focus on
while that happens elsewhere. I expect this to come back in the next round
with much more deployment experience and discovery clarity.
EH
-Original Message-
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
Of Hannes
. The hard part is still
around the security stuff which they have not dealt with yet, and that's
going to be a blocker until it's solved. Authority to update elemnts or
namespaces is going to be needed, and that's a hard problem.
-bill
From: Eve Maler e...@xmlgrrl.com
To: Hannes Tschofenig
Hi guys,
I was wondering how many of you will be at the upcoming IIW in Mountain View
(or for some other event). IIW will run from Tuesday (May 1st) to Thursday (May
3rd).
I thought it might be good to useful to get together on the Friday after the
IIW event for a OAuth breakfast chat.
I am
1 - 100 of 739 matches
Mail list logo