Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-v2-http-mac-01.txt
William Mills <wmills@yahoo-inc.com> Wed, 08 February 2012 18:41 UTC
Return-Path: <wmills@yahoo-inc.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BAA1121E800E for <oauth@ietfa.amsl.com>; Wed, 8 Feb 2012 10:41:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.216
X-Spam-Level:
X-Spam-Status: No, score=-17.216 tagged_above=-999 required=5 tests=[AWL=0.382, BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_DEF_WHITELIST=-15]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PH5n5HKAgaxa for <oauth@ietfa.amsl.com>; Wed, 8 Feb 2012 10:41:08 -0800 (PST)
Received: from nm25.bullet.mail.ne1.yahoo.com (nm25.bullet.mail.ne1.yahoo.com [98.138.90.88]) by ietfa.amsl.com (Postfix) with SMTP id 9939621F85C4 for <oauth@ietf.org>; Wed, 8 Feb 2012 10:41:07 -0800 (PST)
Received: from [98.138.90.50] by nm25.bullet.mail.ne1.yahoo.com with NNFMP; 08 Feb 2012 18:41:04 -0000
Received: from [98.138.89.173] by tm3.bullet.mail.ne1.yahoo.com with NNFMP; 08 Feb 2012 18:41:04 -0000
Received: from [127.0.0.1] by omp1029.mail.ne1.yahoo.com with NNFMP; 08 Feb 2012 18:41:04 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 334285.72312.bm@omp1029.mail.ne1.yahoo.com
Received: (qmail 39895 invoked by uid 60001); 8 Feb 2012 18:41:03 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo-inc.com; s=ginc1024; t=1328726463; bh=f33bu/xgSBIJIlDlo6i+Hl+N0rQ8FMUuuoF2BWWqgk0=; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=GimwVQ9k3dqhAFOeb4gKMYNF99QZqz1TMW+plbgXbAdyx7IwJGvBoHdK+3kMsq6XlhWzoMAsAIfdlgu1f6tc38rOG2ZpbL4x+1mtevgKlmm3m43GdNtn7ct3Q3ryUs/eCsXRANLAjL/TjAqxDm3jpOYMDDbXCzv9LHSlv1H74ho=
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=ginc1024; d=yahoo-inc.com; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=J/izqmQBgds6n0pMgQp8dEFE5YqqKLiAMByRePKpZyticlgyX0HaTyEoiTKdB2j+11f2glg5siDxT0fn/8QAaATBFYU5L0y06KKwPK0eet+qERzhaUqOI1QVkFtFoZqfwzDfhkVIjAbLOrP1Kz/iDw+veobWVvGgVlGkml3vSIw=;
X-YMail-OSG: LdMmzB4VM1kBxns.zdJlqin6ypoqWWY7Mmq847LZG36kvpq VcUtLPBdXMEoncHmRPrlw5.MntqqR91c1u75mCNPheGmddSYkReMnxjIW3o5 vKfvVHAOm1I0_MrABrNHu60vbuieuV.4ZcEUpAnZ1zHMpLdbp2NlvnODDuV4 ufGZMzosUPj5mQjqO1tJxEWrEr4TtLmJ3mrtWgI1QoKplggHa0hBMybF9sBj gKIY4jkKUyxm06WJTL_mVKmmb_tdazSIQGpGfxtXKVbSTf9ce2VipaMB4IHG 0tIHs4vuZ0XStQoR90JHuAMW8fRrZxHWssPyId3tFixkN1av.Dme4jDJvrS1 m0srrNYoeo880jyU9WY1ySJDJNBagocjX3UY9Q0slO1FkDtUSK8ZdBttTvJQ HRlpGKZ9NG2CG4TelIgdWdPA60FpAPjO8KIubnP4XMY0qvrcOIg--
Received: from [209.131.62.113] by web31809.mail.mud.yahoo.com via HTTP; Wed, 08 Feb 2012 10:41:03 PST
X-RocketYMMF: william_john_mills
X-Mailer: YahooMailWebService/0.8.117.340031
References: <20120208175209.30915.17732.idtracker@ietfa.amsl.com> <90C41DD21FB7C64BB94121FBBC2E723453AADDD3F6@P3PW5EX1MB01.EX1.SECURESERVER.NET>
Message-ID: <1328726463.99812.YahooMailNeo@web31809.mail.mud.yahoo.com>
Date: Wed, 08 Feb 2012 10:41:03 -0800
From: William Mills <wmills@yahoo-inc.com>
To: Eran Hammer <eran@hueniverse.com>, "oauth@ietf.org" <oauth@ietf.org>
In-Reply-To: <90C41DD21FB7C64BB94121FBBC2E723453AADDD3F6@P3PW5EX1MB01.EX1.SECURESERVER.NET>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="-1395015409-161629053-1328726463=:99812"
Subject: Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-v2-http-mac-01.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: William Mills <wmills@yahoo-inc.com>
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 18:41:08 -0000
Might be worthwhile to ask to have the previous draft marked as superceded by this one. ________________________________ From: Eran Hammer <eran@hueniverse.com> To: "oauth@ietf.org" <oauth@ietf.org> Sent: Wednesday, February 8, 2012 9:54 AM Subject: Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-v2-http-mac-01.txt Main changes: Removed cookies support Removed body hash Clarified timestamp verification I still have more comments to process but wanted to get a new draft out first as the current one expired. Please review the new timestamp prose and let me know what you think. I'm trying to allow the client to use any timestamp it can easily produce, and move the verification logic to the server as much as possible. EH > -----Original Message----- > From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf > Of internet-drafts@ietf.org > Sent: Wednesday, February 08, 2012 9:52 AM > To: i-d-announce@ietf.org > Cc: oauth@ietf.org > Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-v2-http-mac-01.txt > > > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the Web Authorization Protocol Working Group of > the IETF. > > Title : HTTP Authentication: MAC Access Authentication > Author(s) : Eran Hammer-Lahav > Filename : draft-ietf-oauth-v2-http-mac-01.txt > Pages : 20 > Date : 2012-02-08 > > This document specifies the HTTP MAC access authentication scheme, an > HTTP authentication method using a message authentication code (MAC) > algorithm to provide cryptographic verification of portions of HTTP > requests. The document also defines an OAuth 2.0 binding for use as > an access-token type. > > > A URL for this Internet-Draft is: > http://www.ietf.org/internet-drafts/draft-ietf-oauth-v2-http-mac-01.txt > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > This Internet-Draft can be retrieved at: > ftp://ftp.ietf.org/internet-drafts/draft-ietf-oauth-v2-http-mac-01.txt > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
- [OAUTH-WG] I-D Action: draft-ietf-oauth-v2-http-m… internet-drafts
- Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-v2-ht… Eran Hammer
- Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-v2-ht… William Mills
- Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-v2-ht… Manger, James H
- Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-v2-ht… Erlend Hamnaberg
- Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-v2-ht… Eran Hammer
- Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-v2-ht… Julian Reschke