Re: [kitten] I-D Action: draft-ietf-kitten-sasl-oauth-23.txt
Benjamin Kaduk <kaduk@MIT.EDU> Mon, 01 June 2015 19:04 UTC
Return-Path: <kaduk@mit.edu>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8ECAB1B321F for <kitten@ietfa.amsl.com>; Mon, 1 Jun 2015 12:04:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CPtOQuLqsRuC for <kitten@ietfa.amsl.com>; Mon, 1 Jun 2015 12:04:08 -0700 (PDT)
Received: from dmz-mailsec-scanner-6.mit.edu (dmz-mailsec-scanner-6.mit.edu [18.7.68.35]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D64061B3217 for <kitten@ietf.org>; Mon, 1 Jun 2015 12:03:29 -0700 (PDT)
X-AuditID: 12074423-f79496d000000d43-e0-556cac802675
Received: from mailhub-auth-4.mit.edu ( [18.7.62.39]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-6.mit.edu (Symantec Messaging Gateway) with SMTP id B1.BC.03395.08CAC655; Mon, 1 Jun 2015 15:03:28 -0400 (EDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id t51J3Ri7007684; Mon, 1 Jun 2015 15:03:28 -0400
Received: from multics.mit.edu (system-low-sipb.mit.edu [18.187.2.37]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id t51J3PXI011324 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 1 Jun 2015 15:03:27 -0400
Received: (from kaduk@localhost) by multics.mit.edu (8.12.9.20060308) id t51J3Pb6015525; Mon, 1 Jun 2015 15:03:25 -0400 (EDT)
Date: Mon, 01 Jun 2015 15:03:25 -0400
From: Benjamin Kaduk <kaduk@MIT.EDU>
To: Bill Mills <wmills_92105@yahoo.com>
In-Reply-To: <1158268268.1500683.1432918457535.JavaMail.yahoo@mail.yahoo.com>
Message-ID: <alpine.GSO.1.10.1506011454370.22210@multics.mit.edu>
References: <20150529165004.2217.7049.idtracker@ietfa.amsl.com> <1158268268.1500683.1432918457535.JavaMail.yahoo@mail.yahoo.com>
User-Agent: Alpine 1.10 (GSO 962 2008-03-14)
MIME-Version: 1.0
Content-Type: MULTIPART/MIXED; boundary="-559023410-128065761-1433184878=:22210"
Content-ID: <alpine.GSO.1.10.1506011503140.22210@multics.mit.edu>
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrBKsWRmVeSWpSXmKPExsUixG6nrtuwJifU4OkzCYujm1exWHzrus7s wOSxZMlPJo9Zsw4zBTBFcdmkpOZklqUW6dslcGXMeHqfreCoZMXB422sDYyNol2MnBwSAiYS x2b9ZYewxSQu3FvP1sXIxSEksJhJ4ubPHnYIZwOjxO3Tp1kgnINMEp9X3mIEaRESqJfYfWI9 WDuLgJbE440/mEFsNgEViZlvNgKN4uAQEVCXaP7uDRJmBjK/nXkD1ios4Cpx7uFaZpASTgFf iU2PhEHCvAKOEkvm/GWFWNXAKLHs5T0mkISogI7E6v1TWCCKBCVOznzCAjEzQGLPr15WCNtR ovn+FrYJjEKzkJTNQlI2C0kZhK0r8WbVQSYIW1vi/s02Npiazo3bGRcwsq1ilE3JrdLNTczM KU5N1i1OTszLSy3SNdPLzSzRS00p3cQIjhAX5R2Mfw4qHWIU4GBU4uHN6M4OFWJNLCuuzD3E KMnBpCTK+3ZlTqgQX1J+SmVGYnFGfFFpTmrxIUYJDmYlEV7ZJqAcb0piZVVqUT5MSpqDRUmc d9MPvhAhgfTEktTs1NSC1CKYrAwHh5IEr+tqoEbBotT01Iq0zJwShDQTByfIcB6g4dkgNbzF BYm5xZnpEPlTjIpS4rxZIAkBkERGaR5cLyyBvWIUB3pFmLcapIoHmPzgul8BDWYCGtwuADa4 JBEhJdXAqN9l3vle4eXJxcHrjRtfzf0axjMpsU7/+34+5eQnrz+XHl4z42Nz9t3DzT+yrfid k5aIcr73WsKpWlR24EFG+v+JO3ddFp+372Wtkdfd7e3nJ5hcYfj27fUch2o/tuucht8732yQ iBb/Pk1Xs3vzec7H03ojGe8XNWvkTv8Ts+jTfD7JNPPZtUosxRmJhlrMRcWJAJNrAQI7AwAA
Archived-At: <http://mailarchive.ietf.org/arch/msg/kitten/2WFCZTqsF9yEBNa26wMGjVxrE9k>
Cc: "kitten@ietf.org" <kitten@ietf.org>
Subject: Re: [kitten] I-D Action: draft-ietf-kitten-sasl-oauth-23.txt
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Jun 2015 19:04:15 -0000
Thanks for the updates, Bill -- they look good. -Ben On Fri, 29 May 2015, Bill Mills wrote: > Incorporates IESG all pending review feedback. > -bill > > > On Friday, May 29, 2015 9:50 AM, "internet-drafts@ietf.org" <internet-drafts@ietf.org> wrote: > > > > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the Common Authentication Technology Next Generation Working Group of the IETF. > > Title : A set of SASL Mechanisms for OAuth > Authors : William Mills > Tim Showalter > Hannes Tschofenig > Filename : draft-ietf-kitten-sasl-oauth-23.txt > Pages : 24 > Date : 2015-05-29 > > Abstract: > OAuth enables a third-party application to obtain limited access to a > protected resource, either on behalf of a resource owner by > orchestrating an approval interaction, or by allowing the third-party > application to obtain access on its own behalf. > > This document defines how an application client uses credentials > obtained via OAuth over the Simple Authentication and Security Layer > (SASL) to access a protected resource at a resource serve. Thereby, > it enables schemes defined within the OAuth framework for non-HTTP- > based application protocols. > > Clients typically store the user's long-term credential. This does, > however, lead to significant security vulnerabilities, for example, > when such a credential leaks. A significant benefit of OAuth for > usage in those clients is that the password is replaced by a shared > secret with higher entropy, i.e., the token. Tokens typically > provide limited access rights and can be managed and revoked > separately from the user's long-term password. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-kitten-sasl-oauth/ > > There's also a htmlized version available at: > https://tools.ietf.org/html/draft-ietf-kitten-sasl-oauth-23 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-kitten-sasl-oauth-23 > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > Kitten mailing list > Kitten@ietf.org > https://www.ietf.org/mailman/listinfo/kitten > > > >
- [kitten] I-D Action: draft-ietf-kitten-sasl-oauth… internet-drafts
- Re: [kitten] I-D Action: draft-ietf-kitten-sasl-o… Bill Mills
- Re: [kitten] I-D Action: draft-ietf-kitten-sasl-o… Benjamin Kaduk