[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Repository Activity Summary Bot <do_not_reply@mnot.net> Sun, 13 October 2024 07:41 UTC

Return-Path: <do_not_reply@mnot.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 337A3C14F75F for <oauth@ietfa.amsl.com>; Sun, 13 Oct 2024 00:41:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.705
X-Spam-Level:
X-Spam-Status: No, score=-1.705 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=mnot.net header.b="CmlXwsmp"; dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=messagingengine.com header.b="QGufZOPF"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ow9-HsTINNyM for <oauth@ietfa.amsl.com>; Sun, 13 Oct 2024 00:41:10 -0700 (PDT)
Received: from fhigh-a6-smtp.messagingengine.com (fhigh-a6-smtp.messagingengine.com [103.168.172.157]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2E0B0C14F6A9 for <oauth@ietf.org>; Sun, 13 Oct 2024 00:41:10 -0700 (PDT)
Received: from phl-compute-02.internal (phl-compute-02.phl.internal [10.202.2.42]) by mailfhigh.phl.internal (Postfix) with ESMTP id 929661140267 for <oauth@ietf.org>; Sun, 13 Oct 2024 03:41:09 -0400 (EDT)
Received: from phl-mailfrontend-02 ([10.202.2.163]) by phl-compute-02.internal (MEProxy); Sun, 13 Oct 2024 03:41:09 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :content-type:content-type:date:from:from:in-reply-to :mime-version:reply-to:subject:subject:to:to; s=fm3; t= 1728805269; x=1728891669; bh=Hqk4n4XNBV/V/8J43hd9T/b/25qfspj1wNu HoMmIkCM=; b=CmlXwsmpFZ9FFXbaqpyIsvbQtSLerqYKIqQW8H0bwZRi/tVXSHA Ra8V9bqhK5txNiLNLeq7CE/iA9GeGYN/PFc88G8coIkRrJL2GzmgDAqhg6wfvZs6 i+oz5nv7k98nCAbg9YRK8CSvc6uydufdYTi7vJ91ed3SAEZEugwVEkeGDk0iFX13 xLcTLlLkkZj3E3vp5/aixrriqGkn+NRxfe0gpHizDbO9UB4rs5pl8HaWGvNahm2C URqFrx5t7XJuxClWZ7T2EfFYp7dm+VozLg1pMjnzLoxYnphcAeIqlBI6K1sEA1Qh g7JRZBlEOKN70pfuPtWY74456OXT1+uoDuw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date :feedback-id:feedback-id:from:from:in-reply-to:mime-version :reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1728805269; x= 1728891669; bh=Hqk4n4XNBV/V/8J43hd9T/b/25qfspj1wNuHoMmIkCM=; b=Q GufZOPFZ/wUxUeNDaebu/x1SijDLEu/yDjjLc2ea3fwGuzYab5veBWaQY9D7HT/H 8UDMFBtJHIRISnjf95ZN88+4e3XvgJYOUMDvdQsswOZxdQYu68kotYwx04rZLfFl zQ7AiFnCA5/JJ5Fd+CtKcF2DavQKboCQR+6Q/GPc10H32PnKjy6Bo5c+tlZKw2s7 B/vRoLi+2EtsgVw9vnYioEaJeE/qIK5R3b4dyq2FKHhxBnAUlvpsy3MUR06KueyZ WyxPjjrSjpAnCGEoBF+2C03mDZbhlI5ACL8xVTntQ0PfUBU7eaB4j6a1i3XmtcfR bF/kWTCR2eKXbfBwDUzCQ==
X-ME-Sender: <xms:lXkLZ829MgfjU_V__tJ5URbg--DkMh1zchfa50nEUk-r-h8xoOu1yA> <xme:lXkLZ3EaE66txMmSQSeTCJ73G8eW7LJXmdcva2v0d0jUI2BsO6yMcN-3m03qR6OWh 5Zk_QhCBfFkanRzZw>
X-ME-Received: <xmr:lXkLZ04gcJ0AGsbQJenMiQAQSDPBTAsEdhUyDLJjbF2tLvOeYGKlkU3WjYZKsBMUxBppLFkllS7R7gt557ZLmN2sQYs3ck9pZFcWGX-2XiRSt2rkmEvVOxf6L6uCrWqY7i6W>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrvdegvddguddvgecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdp uffrtefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecupfhoucgurghtvgcufh hivghlugculdegledmnecujfgurheptggghffvufesrgdttdertddtjeenucfhrhhomhep tfgvphhoshhithhorhihucettghtihhvihhthicuufhumhhmrghrhicuuehothcuoeguoh gpnhhothgprhgvphhlhiesmhhnohhtrdhnvghtqeenucggtffrrghtthgvrhhnpeekfedv udetjedvfeekheeiveeugfefhfetteevgeffkefffeetffdvleehudeiteenucffohhmrg hinhepghhithhhuhgsrdgtohhmnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghm pehmrghilhhfrhhomhepughopghnohhtpghrvghplhihsehmnhhothdrnhgvthdpnhgspg hrtghpthhtohepuddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepohgruhhthhes ihgvthhfrdhorhhg
X-ME-Proxy: <xmx:lXkLZ11Bj3ZUs6JKtjadzVyDZVM4dcDOwmokQtCus-rPUqbEeaPBQg> <xmx:lXkLZ_EmuFMPSTXaiSLgOTDZFe8UGixfaZ59nTyVB3SXEatO6f3H8g> <xmx:lXkLZ--2d31pbk3z9itswBGceFLRi0FtKcwxgb-1TRASz9Z_Hi0mNA> <xmx:lXkLZ0kvRVNf47B_9cCZJe6BYyI45cYig-wUkfMggbUBHTGp3Ztg3A> <xmx:lXkLZ0TBjDczK8-lFeu-Nd892HHKu7XLxDdRYHMiepiCq5lm7z6-Ceua>
Feedback-ID: i1c3946f2:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <oauth@ietf.org>; Sun, 13 Oct 2024 03:41:09 -0400 (EDT)
Content-Type: multipart/alternative; boundary="===============6062971008653155881=="
MIME-Version: 1.0
From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: oauth@ietf.org
Message-Id: <20241013074110.2E0B0C14F6A9@ietfa.amsl.com>
Date: Sun, 13 Oct 2024 00:41:10 -0700
Message-ID-Hash: WWIZ3ZHNWLGMBDYHJ26T7W3ZLP4IMUHB
X-Message-ID-Hash: WWIZ3ZHNWLGMBDYHJ26T7W3ZLP4IMUHB
X-MailFrom: do_not_reply@mnot.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc5
Precedence: list
Subject: [OAUTH-WG] Weekly github digest (OAuth Activity Summary)
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/1tchBzhGKULo_x4wy67WbaViBIQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>



Events without label "editorial"

Issues
------
* oauth-wg/oauth-transaction-tokens (+0/-1/šŸ’¬0)
  1 issues closed:
  - IANA registration procedures https://github.com/oauth-wg/oauth-transaction-tokens/issues/117 

* oauth-wg/oauth-sd-jwt-vc (+4/-2/šŸ’¬19)
  4 issues created:
  - display and claims definition in section 6.2 (by Sakurann)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/260 
  - Free text in description. (by Sakurann)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/259 
  - Why vct is not selectively disclosable, but vct#integrity is not? (by Sakurann)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/258 
  - ed: sentence clarification (by Sakurann)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/257 

  7 issues received 19 new comments:
  - #259 Free text in description. (1 by danielfett)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/259 
  - #258 Why vct is not selectively disclosable, but vct#integrity is not? (4 by Sakurann, bc-pi, danielfett)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/258 [NEEDS PR] 
  - #257 ed: sentence clarification (1 by danielfett)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/257 
  - #253 Issuer-signed JWT Verification Key Validation - Separation of signature and identity verification/validation? (9 by alenhorvat, awoie)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/253 [discuss] 
  - #225 Consider recommending a way to encode other data types. (1 by awoie)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/225 
  - #224 Add type metadata for basic display/rendering information (1 by awoie)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/224 [metadata] [wg-05] 
  - #212 Embedded Issuer Policies (2 by alenhorvat, awoie)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/212 

  2 issues closed:
  - Add type metadata for basic display/rendering information https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/224 [metadata] [wg-05] 
  - display and claims definition in section 6.2 https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/260 [HAS PR] 

* oauth-wg/draft-ietf-oauth-status-list (+1/-2/šŸ’¬3)
  1 issues created:
  - Add Reserved For Private Use Range (by OR13)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/181 

  3 issues received 3 new comments:
  - #181 Add Reserved For Private Use Range (1 by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/181 
  - #138 Support an optional feature for historical resolution (1 by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/138 [feature] [ready-for-pr] 
  - #51 "A Status List can not represent multiple statuses per Referenced Token" (1 by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/51 [discuss] 

  2 issues closed:
  - restriction to numeric status https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/53 [discuss] 
  - Should the JWT StatusList encoded 1-bit bytearray map to W3C StatusList 2021 bitstring? https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/68 [discuss] 

* oauth-wg/draft-ietf-oauth-attestation-based-client-auth (+3/-2/šŸ’¬2)
  3 issues created:
  - Restructure sections for presentation of attestation (by c2bo)
    https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/86 
  - Take lessons learned from nonce endpoint in OpenID4VCI and apply to this draft (by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/85 
  - Rewrite introduction that the main purpose is not about key attestation (by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/84 

  2 issues received 2 new comments:
  - #29 [IANA Registry] attested_security_context as JWT parameter (1 by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/29 
  - #15 Security levels in the attestation (1 by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/15 

  2 issues closed:
  - [IANA Registry] attested_security_context as JWT parameter https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/29 
  - Security levels in the attestation https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/15 



Pull requests
-------------
* oauth-wg/oauth-identity-chaining (+1/-0/šŸ’¬0)
  1 pull requests submitted:
  - Update affiliation of Arndt (by arndt-s)
    https://github.com/oauth-wg/oauth-identity-chaining/pull/96 

* oauth-wg/oauth-transaction-tokens (+0/-1/šŸ’¬0)
  1 pull requests merged:
  - Addressed comments from IANA review
    https://github.com/oauth-wg/oauth-transaction-tokens/pull/144 

* oauth-wg/oauth-sd-jwt-vc (+2/-1/šŸ’¬2)
  2 pull requests submitted:
  - Warn of the dangers of malicious text (by danielfett)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/262 
  - Fix #260 (by danielfett)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/261 

  1 pull requests received 2 new comments:
  - #262 Warn of the dangers of malicious text (2 by bc-pi, danielfett)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/262 

  1 pull requests merged:
  - Fix #260
    https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/261 

* oauth-wg/draft-ietf-oauth-resource-metadata (+1/-0/šŸ’¬1)
  1 pull requests submitted:
  - Describe motivations for IANA registration procedure (by selfissued)
    https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/pull/62 

  1 pull requests received 1 new comments:
  - #62 Describe motivations for IANA registration procedure (1 by debcooley)
    https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/pull/62 

* oauth-wg/oauth-selective-disclosure-jwt (+2/-1/šŸ’¬7)
  2 pull requests submitted:
  - Rewrite introduction and abstract (by danielfett)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/477 
  - WGLC updates 4/x (explicit typing discussion) (by bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/476 

  2 pull requests received 7 new comments:
  - #475  ISO/IEC 29100 is too private  (5 by Sakurann, bc-pi, danielfett, sakimura)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/475 
  - #473  WGLC updates 2/x (remove sentence in intro) (2 by bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/473 [ready-to-close] 

  1 pull requests merged:
  - WGLC updates 1/x
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/472 

* oauth-wg/draft-ietf-oauth-status-list (+1/-0/šŸ’¬1)
  1 pull requests submitted:
  - editorial fixes (by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/180 

  1 pull requests received 1 new comments:
  - #178 add optional support for historical status resolution (1 by c2bo)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/178 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1
* https://github.com/oauth-wg/draft-ietf-oauth-status-list
* https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth