[OAUTH-WG] Weekly github digest (OAuth Activity Summary)
Repository Activity Summary Bot <do_not_reply@mnot.net> Sun, 13 October 2024 07:41 UTC
Return-Path: <do_not_reply@mnot.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 337A3C14F75F for <oauth@ietfa.amsl.com>; Sun, 13 Oct 2024 00:41:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.705
X-Spam-Level:
X-Spam-Status: No, score=-1.705 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=mnot.net header.b="CmlXwsmp"; dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=messagingengine.com header.b="QGufZOPF"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ow9-HsTINNyM for <oauth@ietfa.amsl.com>; Sun, 13 Oct 2024 00:41:10 -0700 (PDT)
Received: from fhigh-a6-smtp.messagingengine.com (fhigh-a6-smtp.messagingengine.com [103.168.172.157]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2E0B0C14F6A9 for <oauth@ietf.org>; Sun, 13 Oct 2024 00:41:10 -0700 (PDT)
Received: from phl-compute-02.internal (phl-compute-02.phl.internal [10.202.2.42]) by mailfhigh.phl.internal (Postfix) with ESMTP id 929661140267 for <oauth@ietf.org>; Sun, 13 Oct 2024 03:41:09 -0400 (EDT)
Received: from phl-mailfrontend-02 ([10.202.2.163]) by phl-compute-02.internal (MEProxy); Sun, 13 Oct 2024 03:41:09 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :content-type:content-type:date:from:from:in-reply-to :mime-version:reply-to:subject:subject:to:to; s=fm3; t= 1728805269; x=1728891669; bh=Hqk4n4XNBV/V/8J43hd9T/b/25qfspj1wNu HoMmIkCM=; b=CmlXwsmpFZ9FFXbaqpyIsvbQtSLerqYKIqQW8H0bwZRi/tVXSHA Ra8V9bqhK5txNiLNLeq7CE/iA9GeGYN/PFc88G8coIkRrJL2GzmgDAqhg6wfvZs6 i+oz5nv7k98nCAbg9YRK8CSvc6uydufdYTi7vJ91ed3SAEZEugwVEkeGDk0iFX13 xLcTLlLkkZj3E3vp5/aixrriqGkn+NRxfe0gpHizDbO9UB4rs5pl8HaWGvNahm2C URqFrx5t7XJuxClWZ7T2EfFYp7dm+VozLg1pMjnzLoxYnphcAeIqlBI6K1sEA1Qh g7JRZBlEOKN70pfuPtWY74456OXT1+uoDuw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date :feedback-id:feedback-id:from:from:in-reply-to:mime-version :reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1728805269; x= 1728891669; bh=Hqk4n4XNBV/V/8J43hd9T/b/25qfspj1wNuHoMmIkCM=; b=Q GufZOPFZ/wUxUeNDaebu/x1SijDLEu/yDjjLc2ea3fwGuzYab5veBWaQY9D7HT/H 8UDMFBtJHIRISnjf95ZN88+4e3XvgJYOUMDvdQsswOZxdQYu68kotYwx04rZLfFl zQ7AiFnCA5/JJ5Fd+CtKcF2DavQKboCQR+6Q/GPc10H32PnKjy6Bo5c+tlZKw2s7 B/vRoLi+2EtsgVw9vnYioEaJeE/qIK5R3b4dyq2FKHhxBnAUlvpsy3MUR06KueyZ WyxPjjrSjpAnCGEoBF+2C03mDZbhlI5ACL8xVTntQ0PfUBU7eaB4j6a1i3XmtcfR bF/kWTCR2eKXbfBwDUzCQ==
X-ME-Sender: <xms:lXkLZ829MgfjU_V__tJ5URbg--DkMh1zchfa50nEUk-r-h8xoOu1yA> <xme:lXkLZ3EaE66txMmSQSeTCJ73G8eW7LJXmdcva2v0d0jUI2BsO6yMcN-3m03qR6OWh 5Zk_QhCBfFkanRzZw>
X-ME-Received: <xmr:lXkLZ04gcJ0AGsbQJenMiQAQSDPBTAsEdhUyDLJjbF2tLvOeYGKlkU3WjYZKsBMUxBppLFkllS7R7gt557ZLmN2sQYs3ck9pZFcWGX-2XiRSt2rkmEvVOxf6L6uCrWqY7i6W>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrvdegvddguddvgecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdp uffrtefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecupfhoucgurghtvgcufh hivghlugculdegledmnecujfgurheptggghffvufesrgdttdertddtjeenucfhrhhomhep tfgvphhoshhithhorhihucettghtihhvihhthicuufhumhhmrghrhicuuehothcuoeguoh gpnhhothgprhgvphhlhiesmhhnohhtrdhnvghtqeenucggtffrrghtthgvrhhnpeekfedv udetjedvfeekheeiveeugfefhfetteevgeffkefffeetffdvleehudeiteenucffohhmrg hinhepghhithhhuhgsrdgtohhmnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghm pehmrghilhhfrhhomhepughopghnohhtpghrvghplhihsehmnhhothdrnhgvthdpnhgspg hrtghpthhtohepuddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepohgruhhthhes ihgvthhfrdhorhhg
X-ME-Proxy: <xmx:lXkLZ11Bj3ZUs6JKtjadzVyDZVM4dcDOwmokQtCus-rPUqbEeaPBQg> <xmx:lXkLZ_EmuFMPSTXaiSLgOTDZFe8UGixfaZ59nTyVB3SXEatO6f3H8g> <xmx:lXkLZ--2d31pbk3z9itswBGceFLRi0FtKcwxgb-1TRASz9Z_Hi0mNA> <xmx:lXkLZ0kvRVNf47B_9cCZJe6BYyI45cYig-wUkfMggbUBHTGp3Ztg3A> <xmx:lXkLZ0TBjDczK8-lFeu-Nd892HHKu7XLxDdRYHMiepiCq5lm7z6-Ceua>
Feedback-ID: i1c3946f2:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <oauth@ietf.org>; Sun, 13 Oct 2024 03:41:09 -0400 (EDT)
Content-Type: multipart/alternative; boundary="===============6062971008653155881=="
MIME-Version: 1.0
From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: oauth@ietf.org
Message-Id: <20241013074110.2E0B0C14F6A9@ietfa.amsl.com>
Date: Sun, 13 Oct 2024 00:41:10 -0700
Message-ID-Hash: WWIZ3ZHNWLGMBDYHJ26T7W3ZLP4IMUHB
X-Message-ID-Hash: WWIZ3ZHNWLGMBDYHJ26T7W3ZLP4IMUHB
X-MailFrom: do_not_reply@mnot.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc5
Precedence: list
Subject: [OAUTH-WG] Weekly github digest (OAuth Activity Summary)
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/1tchBzhGKULo_x4wy67WbaViBIQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>
Events without label "editorial" Issues ------ * oauth-wg/oauth-transaction-tokens (+0/-1/š¬0) 1 issues closed: - IANA registration procedures https://github.com/oauth-wg/oauth-transaction-tokens/issues/117 * oauth-wg/oauth-sd-jwt-vc (+4/-2/š¬19) 4 issues created: - display and claims definition in section 6.2 (by Sakurann) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/260 - Free text in description. (by Sakurann) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/259 - Why vct is not selectively disclosable, but vct#integrity is not? (by Sakurann) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/258 - ed: sentence clarification (by Sakurann) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/257 7 issues received 19 new comments: - #259 Free text in description. (1 by danielfett) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/259 - #258 Why vct is not selectively disclosable, but vct#integrity is not? (4 by Sakurann, bc-pi, danielfett) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/258 [NEEDS PR] - #257 ed: sentence clarification (1 by danielfett) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/257 - #253 Issuer-signed JWT Verification Key Validation - Separation of signature and identity verification/validation? (9 by alenhorvat, awoie) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/253 [discuss] - #225 Consider recommending a way to encode other data types. (1 by awoie) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/225 - #224 Add type metadata for basic display/rendering information (1 by awoie) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/224 [metadata] [wg-05] - #212 Embedded Issuer Policies (2 by alenhorvat, awoie) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/212 2 issues closed: - Add type metadata for basic display/rendering information https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/224 [metadata] [wg-05] - display and claims definition in section 6.2 https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/260 [HAS PR] * oauth-wg/draft-ietf-oauth-status-list (+1/-2/š¬3) 1 issues created: - Add Reserved For Private Use Range (by OR13) https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/181 3 issues received 3 new comments: - #181 Add Reserved For Private Use Range (1 by paulbastian) https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/181 - #138 Support an optional feature for historical resolution (1 by paulbastian) https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/138 [feature] [ready-for-pr] - #51 "A Status List can not represent multiple statuses per Referenced Token" (1 by paulbastian) https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/51 [discuss] 2 issues closed: - restriction to numeric status https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/53 [discuss] - Should the JWT StatusList encoded 1-bit bytearray map to W3C StatusList 2021 bitstring? https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/68 [discuss] * oauth-wg/draft-ietf-oauth-attestation-based-client-auth (+3/-2/š¬2) 3 issues created: - Restructure sections for presentation of attestation (by c2bo) https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/86 - Take lessons learned from nonce endpoint in OpenID4VCI and apply to this draft (by paulbastian) https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/85 - Rewrite introduction that the main purpose is not about key attestation (by paulbastian) https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/84 2 issues received 2 new comments: - #29 [IANA Registry] attested_security_context as JWT parameter (1 by paulbastian) https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/29 - #15 Security levels in the attestation (1 by paulbastian) https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/15 2 issues closed: - [IANA Registry] attested_security_context as JWT parameter https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/29 - Security levels in the attestation https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/15 Pull requests ------------- * oauth-wg/oauth-identity-chaining (+1/-0/š¬0) 1 pull requests submitted: - Update affiliation of Arndt (by arndt-s) https://github.com/oauth-wg/oauth-identity-chaining/pull/96 * oauth-wg/oauth-transaction-tokens (+0/-1/š¬0) 1 pull requests merged: - Addressed comments from IANA review https://github.com/oauth-wg/oauth-transaction-tokens/pull/144 * oauth-wg/oauth-sd-jwt-vc (+2/-1/š¬2) 2 pull requests submitted: - Warn of the dangers of malicious text (by danielfett) https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/262 - Fix #260 (by danielfett) https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/261 1 pull requests received 2 new comments: - #262 Warn of the dangers of malicious text (2 by bc-pi, danielfett) https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/262 1 pull requests merged: - Fix #260 https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/261 * oauth-wg/draft-ietf-oauth-resource-metadata (+1/-0/š¬1) 1 pull requests submitted: - Describe motivations for IANA registration procedure (by selfissued) https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/pull/62 1 pull requests received 1 new comments: - #62 Describe motivations for IANA registration procedure (1 by debcooley) https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/pull/62 * oauth-wg/oauth-selective-disclosure-jwt (+2/-1/š¬7) 2 pull requests submitted: - Rewrite introduction and abstract (by danielfett) https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/477 - WGLC updates 4/x (explicit typing discussion) (by bc-pi) https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/476 2 pull requests received 7 new comments: - #475 ISO/IEC 29100 is too private (5 by Sakurann, bc-pi, danielfett, sakimura) https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/475 - #473 WGLC updates 2/x (remove sentence in intro) (2 by bc-pi) https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/473 [ready-to-close] 1 pull requests merged: - WGLC updates 1/x https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/472 * oauth-wg/draft-ietf-oauth-status-list (+1/-0/š¬1) 1 pull requests submitted: - editorial fixes (by paulbastian) https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/180 1 pull requests received 1 new comments: - #178 add optional support for historical status resolution (1 by c2bo) https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/178 Repositories tracked by this digest: ----------------------------------- * https://github.com/oauth-wg/oauth-browser-based-apps * https://github.com/oauth-wg/oauth-identity-chaining * https://github.com/oauth-wg/oauth-transaction-tokens * https://github.com/oauth-wg/oauth-sd-jwt-vc * https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata * https://github.com/oauth-wg/oauth-cross-device-security * https://github.com/oauth-wg/oauth-selective-disclosure-jwt * https://github.com/oauth-wg/oauth-v2-1 * https://github.com/oauth-wg/draft-ietf-oauth-status-list * https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth
- [OAUTH-WG] Weekly github digest (OAuth Activity Sā¦ Repository Activity Summary Bot