[kitten] I-D Action: draft-ietf-kitten-sasl-oauth-23.txt
internet-drafts@ietf.org Fri, 29 May 2015 16:50 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 57C2B1ACDC8; Fri, 29 May 2015 09:50:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tYcgDJ043YB4; Fri, 29 May 2015 09:50:04 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 26DB91ACDBB; Fri, 29 May 2015 09:50:04 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.0.3.p1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20150529165004.2217.7049.idtracker@ietfa.amsl.com>
Date: Fri, 29 May 2015 09:50:04 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/kitten/zK3_r1g67e0B1xR6jKfqdMtd1yc>
Cc: kitten@ietf.org
Subject: [kitten] I-D Action: draft-ietf-kitten-sasl-oauth-23.txt
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.15
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 May 2015 16:50:05 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Common Authentication Technology Next Generation Working Group of the IETF.
Title : A set of SASL Mechanisms for OAuth
Authors : William Mills
Tim Showalter
Hannes Tschofenig
Filename : draft-ietf-kitten-sasl-oauth-23.txt
Pages : 24
Date : 2015-05-29
Abstract:
OAuth enables a third-party application to obtain limited access to a
protected resource, either on behalf of a resource owner by
orchestrating an approval interaction, or by allowing the third-party
application to obtain access on its own behalf.
This document defines how an application client uses credentials
obtained via OAuth over the Simple Authentication and Security Layer
(SASL) to access a protected resource at a resource serve. Thereby,
it enables schemes defined within the OAuth framework for non-HTTP-
based application protocols.
Clients typically store the user's long-term credential. This does,
however, lead to significant security vulnerabilities, for example,
when such a credential leaks. A significant benefit of OAuth for
usage in those clients is that the password is replaced by a shared
secret with higher entropy, i.e., the token. Tokens typically
provide limited access rights and can be managed and revoked
separately from the user's long-term password.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-kitten-sasl-oauth/
There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ietf-kitten-sasl-oauth-23
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-kitten-sasl-oauth-23
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
- [kitten] I-D Action: draft-ietf-kitten-sasl-oauth… internet-drafts
- Re: [kitten] I-D Action: draft-ietf-kitten-sasl-o… Bill Mills
- Re: [kitten] I-D Action: draft-ietf-kitten-sasl-o… Benjamin Kaduk