[OAUTH-WG] Weekly github digest (OAuth Activity Summary)
Repository Activity Summary Bot <do_not_reply@mnot.net> Sun, 26 January 2025 07:39 UTC
Return-Path: <do_not_reply@mnot.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 61BE2C1D4CD7 for <oauth@ietfa.amsl.com>; Sat, 25 Jan 2025 23:39:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.406
X-Spam-Level:
X-Spam-Status: No, score=-2.406 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=mnot.net header.b="Omw1K3ri"; dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=messagingengine.com header.b="fiMmzdW1"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MbnefTaTLtoR for <oauth@ietfa.amsl.com>; Sat, 25 Jan 2025 23:39:10 -0800 (PST)
Received: from fhigh-b7-smtp.messagingengine.com (fhigh-b7-smtp.messagingengine.com [202.12.124.158]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 826CBC1D4CE6 for <oauth@ietf.org>; Sat, 25 Jan 2025 23:39:10 -0800 (PST)
Received: from phl-compute-05.internal (phl-compute-05.phl.internal [10.202.2.45]) by mailfhigh.stl.internal (Postfix) with ESMTP id D79DD25400C7 for <oauth@ietf.org>; Sun, 26 Jan 2025 02:39:09 -0500 (EST)
Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-05.internal (MEProxy); Sun, 26 Jan 2025 02:39:09 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :content-type:content-type:date:from:from:in-reply-to :mime-version:reply-to:subject:subject:to:to; s=fm1; t= 1737877149; x=1737963549; bh=U0cx3dzLDIGUhcfmgK6Xr8F25rNQi3ghu9u FW/FJEiA=; b=Omw1K3riZVyMqPLXOTGuF1dy9LWHyGOS+OFkh1YzknqbQDXGMKu kNmr32TqiK9iyviYRq0xmF0ppdoth9/wvcLLpgPPHlPGzmMAEVyQHPflU5+oZfUK pKHnO+uB2/e6CHgIW78TrqMlUWO7Kph1UD8tSita9JG7XeQbenS2AfhGvvreD8MS Y46vfpn2MaJcpqvH4Gs0izuOarOzxTzi1WXYSpW93SLHeExJuMnw3kHPJg9UOfLT 0nj2VioiMclOPY5NNnUPLmpg5VVhJ5QLYhJ3pNtfBjjpzQY4diYJ2SqHkuX02Lhk gKhknfjYJoRPQYWZ+llshF9mmeFOslxsjTA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date :feedback-id:feedback-id:from:from:in-reply-to:mime-version :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; t=1737877149; x=1737963549; bh=U 0cx3dzLDIGUhcfmgK6Xr8F25rNQi3ghu9uFW/FJEiA=; b=fiMmzdW11arYY7er6 GN1W9oDCjLnQPXSbR7ldCVHbCFpGd4LK8EkXAZPucvwFG+1ai4nwGxDKKLUEvAnU 4XcJBFs+YVT/HN2uHdAoNwAGvXhQumRrDrFTyMf2TID7BTafIi4YQNagbGJdyE+g bCCICgUkIBBqcXgbUABETf5w4t1gFFR1cEVKKw6ZthRt8QY60tA+dLSmucx0WVKw +94neuT98Riarvjix4EZNteO6TgeX4nsUGOwR/vuCSXkMiKIlLge3NQJB3v3rrAa b9uCXf6c9scpG/ED7T8KJSrE1cXiC+Cp6t69xgfUcQ78cmEXmQsWuCOonigj33Lf 6CcpA==
X-ME-Sender: <xms:neaVZ1n8RB_Eja0mLA98-ZBGVl7D69I9kTU7DBRPoYBkhUVd4mrqAA> <xme:neaVZw2EGWNTI5ZjIN1LvT4ih8wy_mI-DDywyyg4psIl21aPWNOGkH79yVXkhF-R_ UBLA31WmipO6YyhJA>
X-ME-Received: <xmr:neaVZ7o_3RfP7911eRJO6dxCketkT5IbuA6tT50mzrN-G_qm6_xF7Dixqi00Qw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefuddrudejgedgleeikecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdp uffrtefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecupfhoucgurghtvgcufh hivghlugculdegledmnecujfgurheptggghffvufesrgdttdertddtjeenucfhrhhomhep tfgvphhoshhithhorhihucettghtihhvihhthicuufhumhhmrghrhicuuehothcuoeguoh gpnhhothgprhgvphhlhiesmhhnohhtrdhnvghtqeenucggtffrrghtthgvrhhnpeekfedv udetjedvfeekheeiveeugfefhfetteevgeffkefffeetffdvleehudeiteenucffohhmrg hinhepghhithhhuhgsrdgtohhmnecuvehluhhsthgvrhfuihiivgepvdenucfrrghrrghm pehmrghilhhfrhhomhepughopghnohhtpghrvghplhihsehmnhhothdrnhgvthdpnhgspg hrtghpthhtohepuddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepohgruhhthhes ihgvthhfrdhorhhg
X-ME-Proxy: <xmx:neaVZ1mq0EDoXSZVkL2qhsL2vXUb4BaRQNoVuwP--L1-BzTLbLUuxQ> <xmx:neaVZz1CNIbkEZcVBy4ekSEZZBueFmMs1NWd_mwMwUZQ2B-5qo5FZQ> <xmx:neaVZ0ue5Y43LzIKtOVWvokOzrlcidaixAjv6j18mRXbowEpNwiITA> <xmx:neaVZ3VZvY0dwgkETSLQU2d_lTpxydFGxshxlXdyFDbyBe32KhMLlg> <xmx:neaVZxB6fPRmVbUrjq8sAprn6yPQ4Bk5Qbv15DX5Qtk6YlbZYSkafB15>
Feedback-ID: i1c3946f2:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <oauth@ietf.org>; Sun, 26 Jan 2025 02:39:09 -0500 (EST)
Content-Type: multipart/alternative; boundary="===============1777127328898410718=="
MIME-Version: 1.0
From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: oauth@ietf.org
Message-Id: <20250126073910.826CBC1D4CE6@ietfa.amsl.com>
Date: Sat, 25 Jan 2025 23:39:10 -0800
Message-ID-Hash: QMQA4KHF5R22HUPZ7Q6IOFFQ7LRA3YGX
X-Message-ID-Hash: QMQA4KHF5R22HUPZ7Q6IOFFQ7LRA3YGX
X-MailFrom: do_not_reply@mnot.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [OAUTH-WG] Weekly github digest (OAuth Activity Summary)
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/-BpWZQozxlowwhmem-x9SV3SaFQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>
Events without label "editorial"
Issues
------
* oauth-wg/oauth-browser-based-apps (+0/-0/š¬1)
1 issues received 1 new comments:
- #62 Using Web Workers to refresh access tokens adds implementation complexity for marginal security benefit (1 by micolous)
https://github.com/oauth-wg/oauth-browser-based-apps/issues/62
* oauth-wg/oauth-identity-chaining (+2/-0/š¬0)
2 issues created:
- Security Considerations (by PieterKas)
https://github.com/oauth-wg/oauth-identity-chaining/issues/131
- Add security consideration on refresh tokens? (by PieterKas)
https://github.com/oauth-wg/oauth-identity-chaining/issues/130
* oauth-wg/oauth-transaction-tokens (+0/-4/š¬4)
4 issues received 4 new comments:
- #131 Can a sub_id change? (1 by tulshi)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/131 [pre-last-call]
- #107 external invocations (1 by tulshi)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/107 [pre-last-call]
- #95 Define discovery metadata for support of the Transaction Token functionality (1 by gffletch)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/95 [IETF120-discuss] [pre-last-call]
- #80 Extensibility of `azd` and `rctx` (1 by tulshi)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/80 [IETF120-discuss] [pre-last-call]
4 issues closed:
- Extensibility of `azd` and `rctx` https://github.com/oauth-wg/oauth-transaction-tokens/issues/80 [IETF120-discuss] [pre-last-call]
- Audience, scope & purpose https://github.com/oauth-wg/oauth-transaction-tokens/issues/115
- Can a sub_id change? https://github.com/oauth-wg/oauth-transaction-tokens/issues/131 [pre-last-call]
- RAR object inside a TraT https://github.com/oauth-wg/oauth-transaction-tokens/issues/118 [pre-last-call]
* oauth-wg/oauth-sd-jwt-vc (+1/-0/š¬0)
1 issues created:
- Say something about presentations if KB-JWT is not used (by awoie)
https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/297
* oauth-wg/draft-ietf-oauth-resource-metadata (+1/-0/š¬1)
1 issues created:
- Necessity of `dpop_bound_access_tokens_required` parameter (by erincandescent)
https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/issues/63
1 issues received 1 new comments:
- #56 Ambiguous handling of the resource_metadata WWW-Authenticate parameter (1 by erincandescent)
https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/issues/56
* oauth-wg/draft-ietf-oauth-status-list (+7/-5/š¬24)
7 issues created:
- Extension Token Status List to x509 (by steffenschwalm)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/243
- Various editorial change proposals (by Denisthemalice)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/238
- Token Lifecycle (by Denisthemalice)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/237
- About Status List Token distribution points (by Denisthemalice)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/236
- New section to define the sLTSign bit of a key usage extension in a PKC (by Denisthemalice)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/235
- Validation Rules (section 8.3) (by Denisthemalice)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/234
- Cryptographic signature algorithms (by Denisthemalice)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/233
11 issues received 24 new comments:
- #238 Various editorial change proposals (1 by paulbastian)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/238
- #236 About Status List Token distribution points (1 by paulbastian)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/236
- #235 New section to define the sLTSign bit of a key usage extension in a PKC (1 by paulbastian)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/235
- #234 Validation Rules (section 8.3) (2 by Denisthemalice, paulbastian)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/234
- #233 Cryptographic signature algorithms (7 by Denisthemalice, c2bo, paulbastian)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/233
- #229 Add a section to provide estimations about the size and the number of Token Status Lists (3 by Denisthemalice, paulbastian)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/229
- #225 The status list mechanism as currently described does not allow for interoperability (5 by Denisthemalice, paulbastian, tplooker)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/225
- #224 Interims Feedback: Explain motivation to split issuer / status list issuer / status list provider (1 by Denisthemalice)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/224
- #222 Interims Feedback: Discussion around Suspended Status Type (1 by paulbastian)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/222
- #221 Reduce the statuses to 2 and 1 bit (1 by paulbastian)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/221
- #217 Comments on section 12.5.1 Unlinkability (1 by tplooker)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/217
5 issues closed:
- Reduce the statuses to 2 and 1 bit https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/221
- Comments on section 12.5.1 Unlinkability https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/217
- IETF 118: Mention prior art https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/83 [ready-for-pr]
- Interims Feedback: Short-lived credentials https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/223
- Add a section to provide estimations about the size and the number of Token Status Lists https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/229
Pull requests
-------------
* oauth-wg/oauth-identity-chaining (+3/-0/š¬3)
3 pull requests submitted:
- Security Considerations - Sender Constrain Option 3 (by PieterKas)
https://github.com/oauth-wg/oauth-identity-chaining/pull/132
- Security Considerations - Sender Constrain Option 2 (by PieterKas)
https://github.com/oauth-wg/oauth-identity-chaining/pull/129
- Security Considerations - Sender Constrain Option 1 (by PieterKas)
https://github.com/oauth-wg/oauth-identity-chaining/pull/128
2 pull requests received 3 new comments:
- #132 Security Considerations - Sender Constrain Option 3 (1 by PieterKas)
https://github.com/oauth-wg/oauth-identity-chaining/pull/132
- #128 Security Considerations - Sender Constrain Option 1 (2 by PieterKas)
https://github.com/oauth-wg/oauth-identity-chaining/pull/128
* oauth-wg/oauth-transaction-tokens (+2/-1/š¬0)
2 pull requests submitted:
- Fixed upload-artifact version. (by tulshi)
https://github.com/oauth-wg/oauth-transaction-tokens/pull/152
- changed all references to Trust Domain (capitalized) (by tulshi)
https://github.com/oauth-wg/oauth-transaction-tokens/pull/151
1 pull requests merged:
- Fixed upload-artifact version.
https://github.com/oauth-wg/oauth-transaction-tokens/pull/152
* oauth-wg/oauth-selective-disclosure-jwt (+1/-2/š¬7)
1 pull requests submitted:
- Editorial updates to text introduced in -15 to doc history (by bc-pi)
https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/544
1 pull requests received 7 new comments:
- #535 add Watson Ladd's suggested text with minor adaptations (7 by Denisthemalice, wbl)
https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/535
2 pull requests merged:
- Editorial updates to text introduced in -15 to doc history
https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/544
- editorial cleanup
https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/543
* oauth-wg/draft-ietf-oauth-status-list (+4/-5/š¬4)
4 pull requests submitted:
- update templates (by c2bo)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/242
- editorial changes on terminology and Referenced Tokens (by paulbastian)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/241
- Minor editorial change to address issue 217 (by tplooker)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/240
- editorial fixes (by c2bo)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/239
2 pull requests received 4 new comments:
- #239 editorial fixes (1 by paulbastian)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/239
- #232 More test vectors (3 by c2bo, paulbastian)
https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/232
5 pull requests merged:
- update templates
https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/242
- editorial fixes
https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/239
- Minor editorial change to address issue 217
https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/240
- Mention prior art
https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/231
- interims feedback #1
https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/230
* oauth-wg/draft-ietf-oauth-attestation-based-client-auth (+2/-0/š¬0)
2 pull requests submitted:
- update ietf template (by c2bo)
https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/pull/97
- fix examples (missing typ) (by c2bo)
https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/pull/96
Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1
* https://github.com/oauth-wg/draft-ietf-oauth-status-list
* https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth
--
To have a summary like this sent to your list, see: https://github.com/ietf-github-services/activity-summary
- [OAUTH-WG] Weekly github digest (OAuth Activity Sā¦ Repository Activity Summary Bot