Re: [kitten] I-D Action: draft-ietf-kitten-sasl-oauth-23.txt

Benjamin Kaduk <kaduk@MIT.EDU> Mon, 01 June 2015 19:04 UTC

Date: Mon, 01 Jun 2015 15:03:25 -0400
From: Benjamin Kaduk <kaduk@MIT.EDU>
To: Bill Mills <wmills_92105@yahoo.com>
In-Reply-To: <1158268268.1500683.1432918457535.JavaMail.yahoo@mail.yahoo.com>
Message-ID: <alpine.GSO.1.10.1506011454370.22210@multics.mit.edu>
References: <20150529165004.2217.7049.idtracker@ietfa.amsl.com> <1158268268.1500683.1432918457535.JavaMail.yahoo@mail.yahoo.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/kitten/2WFCZTqsF9yEBNa26wMGjVxrE9k>
Cc: "kitten@ietf.org" <kitten@ietf.org>

Thanks for the updates, Bill -- they look good.

-Ben

On Fri, 29 May 2015, Bill Mills wrote:

> Incorporates all pending IESG review feedback.
> -bill
>
>
>      On Friday, May 29, 2015 9:50 AM, "internet-drafts@ietf.org" <internet-drafts@ietf.org> wrote:
>
>
>
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>  This draft is a work item of the Common Authentication Technology Next Generation Working Group of the IETF.
>
>         Title          : A set of SASL Mechanisms for OAuth
>         Authors        : William Mills
>                           Tim Showalter
>                           Hannes Tschofenig
>     Filename        : draft-ietf-kitten-sasl-oauth-23.txt
>     Pages          : 24
>     Date            : 2015-05-29
>
> Abstract:
>   OAuth enables a third-party application to obtain limited access to a
>   protected resource, either on behalf of a resource owner by
>   orchestrating an approval interaction, or by allowing the third-party
>   application to obtain access on its own behalf.
>
>   This document defines how an application client uses credentials
>   obtained via OAuth over the Simple Authentication and Security Layer
>   (SASL) to access a protected resource at a resource server.  Thereby,
>   it enables schemes defined within the OAuth framework for non-HTTP-
>   based application protocols.
>
>   Clients typically store the user's long-term credential.  This does,
>   however, lead to significant security vulnerabilities, for example,
>   when such a credential leaks.  A significant benefit of OAuth for
>   usage in those clients is that the password is replaced by a shared
>   secret with higher entropy, i.e., the token.  Tokens typically
>   provide limited access rights and can be managed and revoked
>   separately from the user's long-term password.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-kitten-sasl-oauth/
>
> There's also a htmlized version available at:
> https://tools.ietf.org/html/draft-ietf-kitten-sasl-oauth-23
>
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-kitten-sasl-oauth-23
>
>
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> _______________________________________________
> Kitten mailing list
> Kitten@ietf.org
> https://www.ietf.org/mailman/listinfo/kitten
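The quoted abstract describes the mechanism only at a high level: the client presents an OAuth token inside a SASL exchange instead of a password, and the server accepts or rejects it. As an added example that is not part of the draft or of this thread, the code below builds and validates the OAUTHBEARER initial client response. The wire layout (GS2 header, ^A-separated key=value pairs, double ^A terminator, JSON failure response answered by a lone ^A) follows the mechanism as published in RFC 7628, which this draft became; the token store, host name, token strings and timestamps are constructed for illustration and stand in for whatever introspection the server really does.

```python
"""Build and validate an OAUTHBEARER SASL initial client response (added example)."""
import json

CTRL_A = "\x01"  # kvsep: the %x01 separator between key=value pairs


def _encode_saslname(name):
    # RFC 5801 saslname escaping used inside the GS2 header authzid field
    return name.replace("=", "=3D").replace(",", "=2C")


def _decode_saslname(name):
    return name.replace("=2C", ",").replace("=3D", "=")


def build_client_response(token, host=None, port=None, authzid=None):
    """Client side: gs2-header kvsep *kvpair kvsep, with auth=Bearer <token>."""
    gs2 = "n," + (f"a={_encode_saslname(authzid)}" if authzid else "") + ","
    pairs = []
    if host:
        pairs.append(f"host={host}")
    if port:
        pairs.append(f"port={port}")
    pairs.append(f"auth=Bearer {token}")
    return gs2 + CTRL_A + "".join(p + CTRL_A for p in pairs) + CTRL_A


def client_abort_response():
    """What the client sends after a JSON failure response, to end the exchange."""
    return CTRL_A


def parse_client_response(resp):
    """Server side: split the response into authzid and kv pairs, or raise ValueError."""
    if resp == CTRL_A:
        return {"abort": True}
    if not resp.endswith(CTRL_A + CTRL_A):
        raise ValueError("missing terminating kvsep")
    head, sep, rest = resp[:-1].partition(CTRL_A)
    if not sep:
        raise ValueError("no kvsep after gs2-header")
    # gs2-header = cb-flag "," [ "a=" authzid ] ","  ; cb-flag must be "n" here
    parts = head.split(",")
    if len(parts) != 3 or parts[0] != "n" or parts[2] != "":
        raise ValueError("bad gs2-header")
    authzid = None
    if parts[1]:
        if not parts[1].startswith("a="):
            raise ValueError("bad authzid field")
        authzid = _decode_saslname(parts[1][2:])
    kv = {}
    for pair in rest.split(CTRL_A):
        if pair == "":
            continue
        key, eq, value = pair.partition("=")
        if not eq or not key.isalpha():
            raise ValueError(f"bad kvpair {pair!r}")
        if key in kv:
            raise ValueError(f"duplicate key {key}")
        kv[key] = value
    if "auth" not in kv:
        raise ValueError("auth kvpair is required")
    return {"abort": False, "authzid": authzid, "kv": kv}


# Constructed token store: token -> subject, granted scopes, expiry (Unix seconds).
TOKENS = {
    "vF9dft4qmTc2Nvb3RlckBhdHRhdmlzdGEuY29t": {"sub": "user@example.com", "scope": "imap smtp", "exp": 1433187600},
    "expiredtoken000": {"sub": "user@example.com", "scope": "imap", "exp": 1433180000},
}


def validate(resp, expected_host, required_scope, now):
    """Return ("ok", subject), ("abort", None) or ("fail", <JSON server response>)."""
    def fail(status):
        # status values mirror the RFC 6750 error codes the client would see over HTTP
        return ("fail", json.dumps({"status": status, "scope": required_scope}))
    try:
        parsed = parse_client_response(resp)
    except ValueError:
        return fail("invalid_request")
    if parsed["abort"]:
        return ("abort", None)
    kv = parsed["kv"]
    if kv.get("host") not in (None, expected_host):  # token replayed at another host
        return fail("invalid_request")
    scheme, _, token = kv["auth"].partition(" ")
    if scheme.lower() != "bearer" or not token:
        return fail("invalid_request")
    info = TOKENS.get(token)
    if info is None or info["exp"] <= now:
        return fail("invalid_token")
    if required_scope not in info["scope"].split():
        return fail("insufficient_scope")
    if parsed["authzid"] is not None and parsed["authzid"] != info["sub"]:
        return fail("invalid_token")  # token does not belong to the requested identity
    return ("ok", info["sub"])
```

The server never sees a long-term password here, which is the abstract's point: a leaked or expired token is rejected with `invalid_token` and can be revoked on its own, and a token minted for a different scope is refused with `insufficient_scope` rather than granting full account access.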