Re: [OAUTH-WG] Call for adoption: OAuth Security Topics

William Denniss <wdenniss@google.com> Fri, 03 February 2017 23:57 UTC

Return-Path: <wdenniss@google.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 42C81129421 for <oauth@ietfa.amsl.com>; Fri, 3 Feb 2017 15:57:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.877
X-Spam-Level:
X-Spam-Status: No, score=-4.877 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MISSING_HEADERS=1.021, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-3.199, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HsBUl2EmGyVk for <oauth@ietfa.amsl.com>; Fri, 3 Feb 2017 15:57:39 -0800 (PST)
Received: from mail-qt0-x22b.google.com (mail-qt0-x22b.google.com [IPv6:2607:f8b0:400d:c0d::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA52D129416 for <oauth@ietf.org>; Fri, 3 Feb 2017 15:57:38 -0800 (PST)
Received: by mail-qt0-x22b.google.com with SMTP id x49so60722775qtc.2 for <oauth@ietf.org>; Fri, 03 Feb 2017 15:57:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:cc; bh=/knX1bA/VMze9SMblt3ILlgn9emjE5P27LdToKLNCbk=; b=YtVzbsRc6VQfl/Hbp5Sn0YXgRqTzQorkAjMkhlxX0mTKiAl9QMC0JKXxkOptWn29NF u7ae7lUdvUI0tfKkFejg35IlUf2J8lb12OLnG0m/WKr8VgdovxvTABBC50H3ZdNyAp9n m7vyaVWJdvpsBPX1Q1KHKZANJX5dMfgJX+dzaLq7mZTTgCfhvc7KsgHTqdY9zx8MRcVQ m5uxokMe2X7vVseNrOoXt4M+l/n3I1YeiLH3CYUyaIRxE8WxtwnBqHcFfJP36Sowt3hs XkMgiMEZgI6PugxGv/HtcDJvRckf5IFb1E0VfkfU3uwjGWsp3ipHUE7aL8CyW6rX6rKP U5Ng==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:cc; bh=/knX1bA/VMze9SMblt3ILlgn9emjE5P27LdToKLNCbk=; b=NyVjUi+tneDKuGHWjrzwnRgufXMRLTB0K8387FqS/Uvn2pq5kgSv0+hqs5HRZiflbl 2UbRltV2zLycR7BKcsFXuhPg9xQzt2mFWefhr0poOPtJDZ2WhIunnKh+NrSlEI7HFndy vGuKhPP9rbcP35OHYeQW+UUK6DZy73Fu1vZ4IjFdeAXk9+fOR/242jZBctonL6U/EvAU 0UeVByW2ZxWBjpQL3CQ7h+EcqtM5mwmzq10b9Ln97RZ5fJpcxabW5ZFo/wKwAgn1C/JE 8QR7cfurlCut/tiAIcAeKmaGHYbeIqQon59QAvNgWUy6eB0jwTXNBzAMM6abAqtsH55k pmnA==
X-Gm-Message-State: AIkVDXJCFBhTVd2uHQa9PVtTFmhaYh/+9ieLQp0//zx9b8Ey8WxKLvwDbi/IF+BD+wt6Nr6BUmB374rcVmCE2AlM
X-Received: by 10.237.37.58 with SMTP id v55mr16297212qtc.15.1486166257676; Fri, 03 Feb 2017 15:57:37 -0800 (PST)
MIME-Version: 1.0
Received: by 10.140.16.207 with HTTP; Fri, 3 Feb 2017 15:57:17 -0800 (PST)
In-Reply-To: <CAB3ntOupmVPnW4D2QXfJ1rjbMnF-8T9hvcy5cC6EaTDawyuA_A@mail.gmail.com>
References: <ae7d8912-2a13-4d19-62b4-0b1d1106a555@gmx.net> <541A5105-B963-4FA4-94E4-D794A73B3358@ve7jtb.com> <CAB3ntOupmVPnW4D2QXfJ1rjbMnF-8T9hvcy5cC6EaTDawyuA_A@mail.gmail.com>
From: William Denniss <wdenniss@google.com>
Date: Fri, 3 Feb 2017 15:57:17 -0800
Message-ID: <CAAP42hC-eM2twsZySvrw26-nL88QBpAU_3MLsztp7JFT=daC0Q@mail.gmail.com>
Cc: "oauth@ietf.org" <oauth@ietf.org>
Content-Type: multipart/alternative; boundary=001a113f42e6de12370547a90bb3
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/3IfIYe0gt2GjxAvSQrEawSBj1Ho>
Subject: Re: [OAUTH-WG] Call for adoption: OAuth Security Topics
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Feb 2017 23:57:40 -0000

I support the adoption of this document as a working group item.

On Thu, Feb 2, 2017 at 2:30 PM, Jim Willeke <jim@willeke.com>; wrote:

> +!
> I agree this is needed.
>
> --
> -jim
> Jim Willeke
>
> On Thu, Feb 2, 2017 at 4:33 PM, John Bradley <ve7jtb@ve7jtb.com>; wrote:
>
>> I am in favour of adoption.
>> > On Feb 2, 2017, at 4:09 AM, Hannes Tschofenig <
>> hannes.tschofenig@gmx.net>; wrote:
>> >
>> > Hi all,
>> >
>> > this is the call for adoption of the 'OAuth Security Topics' document
>> > following the positive call for adoption at the last IETF
>> > meeting in Seoul.
>> >
>> > Here is the document:
>> > https://tools.ietf.org/html/draft-lodderstedt-oauth-security-topics-00
>> >
>> > The intention with this document is to have a place to collect
>> > discussions and conclusions around OAuth 2.0 security and to reference
>> > the actual solution specifications.
>> >
>> > Please let us know by Feb 16th whether you accept / object to the
>> > adoption of this document as a starting point for work in the OAuth
>> > working group.
>> >
>> > Ciao
>> > Hannes & Derek
>> >
>> > _______________________________________________
>> > OAuth mailing list
>> > OAuth@ietf.org
>> > https://www.ietf.org/mailman/listinfo/oauth
>>
>>
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>>
>>
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>
>