attachment
<div dir="ltr"><div>Hi,</div><div><br></div><div>IETF OAuth stuff that may be of interest from IETF 102 this week.</div><div><br></div><div>Cheers,</div><div>- Ira</div><div><br></div><div><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr">Ira McDonald (Musician / Software Architect)<br>Co-Chair - TCG Trusted Mobility Solutions WG<br>Chair - Linux Foundation Open Printing WG<br>Secretary - IEEE-ISTO Printer Working Group<br>Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG<br>IETF Designated Expert - IPP & Printer MIB<br>Blue Roof Music / High North Inc<br><a style="color:rgb(51,51,255)" href="http://sites.google.com/site/blueroofmusic" target="_blank">http://sites.google.com/site/blueroofmusic</a><br><a style="color:rgb(102,0,204)" href="http://sites.google.com/site/highnorthinc" target="_blank">http://sites.google.com/site/highnorthinc</a><br>mailto: <a href="mailto:blueroofmusic@gmail.com" target="_blank">blueroofmusic@gmail.com</a><br>Jan-April: 579 Park Place Saline, MI 48176 734-944-0094<br>May-Dec: PO Box 221 Grand Marais, MI 49839 906-494-2434<br><br><div style="display:inline"></div><div style="display:inline"></div><div style="display:inline"></div><div></div><div></div><div></div><div></div></div></div></div></div></div>
<br><div class="gmail_quote">---------- Forwarded message ----------<br>From: <b class="gmail_sendername">Hannes Tschofenig</b> <span dir="ltr"><<a href="mailto:Hannes.Tschofenig@arm.com">Hannes.Tschofenig@arm.com</a>></span><br>Date: Thu, Jul 19, 2018 at 1:29 PM<br>Subject: [saag] OAuth Meeting Report<br>To: "<a href="mailto:saag@ietf.org">saag@ietf.org</a>" <<a href="mailto:saag@ietf.org">saag@ietf.org</a>><br><br><br>
<div link="blue" vlink="purple" lang="EN-GB">
<div class="m_4142537889375742546WordSection1">
<p class="MsoNormal">Hi all, <u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">we had two sessions for OAuth this week. <u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">On Tuesday we discussed ‘OAuth 2.0 Incremental Authorization’ and ‘Reciprocal OAuth’. These two specifications recently became OAuth WG documents. Brian Campbell gave a presentation about ‘OAuth 2.0 Token Binding’, which has been in development
for some time in the group already. It is also getting close to completion..<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">The chairs were working with participants on two shepherd write-ups during this week for ‘OAuth MTLS’ and ‘JSON Web Token Best Current Practices’. These two documents will leave the working group any day now. There are also three documents,
namely the ‘OAuth 2.0 Device Flow for Browserless and Input Constrained Devices’, the ‘OAuth 2.0 Authorization Framework: JWT Secured Authorization Request (JAR)’ and the ‘OAuth 2.0 Token Exchange’, in IESG processing right now.
<u></u><u></u></p>
<p class="MsoNormal"> <u></u><u></u></p>
<p class="MsoNormal">Today we spent some time discussing OAuth Proof-of-Possession tokens, which turned into a heated discussion: we couldn't agree on the worksplit between the ACE and the OAuth working groups. Area director guidance will be needed.
<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">At the end of the meeting John Bradley spoke about OAuth 2.0 Security Best Current Practice, pointed to two open issues and indicated that the document will soon be ready for WGLC.
<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">We did calls for adoption of three documents during the meeting with positive feedback from the participants in the room, namely
<u></u><u></u></p>
<p class="MsoNormal"> * Distributed OAuth<u></u><u></u></p>
<p class="MsoNormal">* Resource Indicators for OAuth 2.0 <u></u><u></u></p>
<p class="MsoNormal"> * JWT Response for OAuth Token Introspection <u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">We will confirm the call on the mailing list this week. <u></u>
<u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Ciao<u></u><u></u></p>
<p class="MsoNormal">Hannes <u></u><u></u></p>
</div>
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose,
or store or copy the information in any medium. Thank you.
</div>
<br>______________________________<wbr>_________________<br>
saag mailing list<br>
<a href="mailto:saag@ietf.org">saag@ietf.org</a><br>
<a href="https://www.ietf.org/mailman/listinfo/saag" rel="noreferrer" target="_blank">https://www.ietf.org/mailman/<wbr>listinfo/saag</a><br>
<br></div><br></div></div>