I-D Action: draft-mills-kitten-sasl-oauth-04.txt
internet-drafts@ietf.org Mon, 31 October 2011 18:52 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: i-d-announce@ietfa.amsl.com
Delivered-To: i-d-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E25B11E815F for <i-d-announce@ietfa.amsl.com>; Mon, 31 Oct 2011 11:52:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.566
X-Spam-Level:
X-Spam-Status: No, score=-102.566 tagged_above=-999 required=5 tests=[AWL=0.033, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ahQHhK2VtKxt for <i-d-announce@ietfa.amsl.com>; Mon, 31 Oct 2011 11:52:07 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12B011F0CB5 for <i-d-announce@ietf.org>; Mon, 31 Oct 2011 11:52:07 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Subject: I-D Action: draft-mills-kitten-sasl-oauth-04.txt
X-Test-IDTracker: no
X-IETF-IDTracker: 3.62
Message-ID: <20111031185207.4010.82791.idtracker@ietfa.amsl.com>
Date: Mon, 31 Oct 2011 11:52:07 -0700
X-BeenThere: i-d-announce@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: internet-drafts@ietf.org
List-Id: Internet Draft Announcements only <i-d-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/i-d-announce>
List-Post: <mailto:i-d-announce@ietf.org>
List-Help: <mailto:i-d-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Oct 2011 18:52:07 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : A SASL and GSS-API Mechanism for OAuth Author(s) : William Mills Tim Showalter Hannes Tschofenig Filename : draft-mills-kitten-sasl-oauth-04.txt Pages : 25 Date : 2011-10-31 OAuth enables a third-party application to obtain limited access to a protected resource, either on behalf of a resource owner by orchestrating an approval interaction, or by allowing the third-party application to obtain access on its own behalf. This document defines how an application client uses OAuth over the Simple Authentication and Security Layer (SASL) or the Generic Security Service Application Program Interface (GSS-API) to access a protected resource at a resource serve, and additionally defines authorization and token issuing endpoint discovery. Thereby, it enables schemes defined within the OAuth framework for non-HTTP-based application protocols. Clients typically store the user's long term credential. This does, however, lead to significant security vulnerabilities, for example, when such a credential leaks. A significant benefit of OAuth for usage in those clients is that the password is replaced by a token. Tokens typically provided limited access rights and can be managed and revoked separately from the user's long-term credential (password). A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-mills-kitten-sasl-oauth-04.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ This Internet-Draft can be retrieved at: ftp://ftp.ietf.org/internet-drafts/draft-mills-kitten-sasl-oauth-04.txt
- I-D Action: draft-mills-kitten-sasl-oauth-04.txt internet-drafts