[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Repository Activity Summary Bot <do_not_reply@mnot.net> Sun, 20 October 2024 08:31 UTC

Return-Path: <do_not_reply@mnot.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2342EC14CE39 for <oauth@ietfa.amsl.com>; Sun, 20 Oct 2024 01:31:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.407
X-Spam-Level:
X-Spam-Status: No, score=-2.407 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=mnot.net header.b="TIo08IK8"; dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=messagingengine.com header.b="dVWrRlIt"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qrK3lT_gF7Xe for <oauth@ietfa.amsl.com>; Sun, 20 Oct 2024 01:31:40 -0700 (PDT)
Received: from fout-a2-smtp.messagingengine.com (fout-a2-smtp.messagingengine.com [103.168.172.145]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 679FDC14CE5E for <oauth@ietf.org>; Sun, 20 Oct 2024 01:31:40 -0700 (PDT)
Received: from phl-compute-01.internal (phl-compute-01.phl.internal [10.202.2.41]) by mailfout.phl.internal (Postfix) with ESMTP id AE4E41380254 for <oauth@ietf.org>; Sun, 20 Oct 2024 03:40:06 -0400 (EDT)
Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-01.internal (MEProxy); Sun, 20 Oct 2024 03:40:06 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :content-type:content-type:date:from:from:in-reply-to :mime-version:reply-to:subject:subject:to:to; s=fm1; t= 1729410006; x=1729496406; bh=jMzlNkfgFhLuhK8tgGwwQKNCr56k8Wqo2Hr DkcYaccw=; b=TIo08IK8vCnafrADwn8+0rWzwnvQJNkzQeaSSAk3meBXn+JmJMe ZVJ+l+3EB3IQgCC9GwvWJupotys6peuuHR3vf/HH1RIsj7GuyZv9FCJY08fBFCTb DU8du2jVM0HpIkkFi/e5GrlMHS2Z6YZpu6a2CTzrtArpKj2HOxtpO9N03W0Q5F9j sKtm2+CrUDD8Qk+BCtuYjKNix8Cp6aMeSxLPI7zm1uoW+vyw4rTnq8WYESl/687j Oy4GWg3HYVfqbqvkVkO/LZLXFdu4dLTHVrwZl2nrFwb6CVnPc8vz0VRSo4yASYhL 7q2FSQlkdbGAtkPSC29wE6cjzDfWrDZ6m2A==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date :feedback-id:feedback-id:from:from:in-reply-to:mime-version :reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1729410006; x= 1729496406; bh=jMzlNkfgFhLuhK8tgGwwQKNCr56k8Wqo2HrDkcYaccw=; b=d VWrRlItQmHjj+tWSAHtmNZkwl4jBBeRDR8KoEnUWlpVXyosDBtDt1ixwuH3H0jIy 8CP0bXxyShNhdCLELFsnsEisqBMpIZJe1ZigQkROLCB9gfAJ1eGlysatFiJiIcr3 gjQ9+MjwFoY1rhvzM+feqmV3PoHshtYiEtVTfGV2vh5RItnHhIBAF5JQJabODYBl 7M88kuYz8iSxqwuY2zni2IJIONymP++k566DYM/i/RdCbRl3Kd2gUp1d/xd/y4s2 9IXbpMhFgDSyVJ/FNxQt+7vq82LyIKJwanaU8VrN+OGL4uxkeXSLMBL3zhLJmjZI IVv8kEM2APnBlqXnewPvQ==
X-ME-Sender: <xms:1rMUZ4aLRGcrxaAYCNdg9ieuGiTIZrwwyWFsWWgCXKH7M1yOZyzpNg> <xme:1rMUZzboB6lnY548KDXea9mKDpdY09nF4kst3lVJL_7mHss4UX_ncNGVuT_Jxem-d otgcyI7X8T4Ix3ekA>
X-ME-Received: <xmr:1rMUZy-7JvACsMuuqx4Src2iV2s4T0r-O8MBsnw_qIyFLuuetsiaKLDwGuTB9XnIeaW45b90N7KGcwNMuHtNY-vJGvimp5aIOaJVk7cboILwIIG7MPyuDjS-utjS_XcSazY>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrvdehiedguddvhecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdp uffrtefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecupfhoucgurghtvgcufh hivghlugculdegledmnecujfgurheptggghffvufesrgdttdertddtjeenucfhrhhomhep tfgvphhoshhithhorhihucettghtihhvihhthicuufhumhhmrghrhicuuehothcuoeguoh gpnhhothgprhgvphhlhiesmhhnohhtrdhnvghtqeenucggtffrrghtthgvrhhnpeekfedv udetjedvfeekheeiveeugfefhfetteevgeffkefffeetffdvleehudeiteenucffohhmrg hinhepghhithhhuhgsrdgtohhmnecuvehluhhsthgvrhfuihiivgepudenucfrrghrrghm pehmrghilhhfrhhomhepughopghnohhtpghrvghplhihsehmnhhothdrnhgvthdpnhgspg hrtghpthhtohepuddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepohgruhhthhes ihgvthhfrdhorhhg
X-ME-Proxy: <xmx:1rMUZypZ4aLXPzRp7faU3HZ_y81ltqwNAk2qhZwoaE0eDqoKkbpiPQ> <xmx:1rMUZzp3CqsD3WMr1MYVmA1O-wMvI0EltcSr-KpMxxpx5NTBuXiJ-A> <xmx:1rMUZwR88fDpVpghxbLGTBk7lbVESrY08TbANQoJzKbvLnFkvF_XHg> <xmx:1rMUZzr3iso0us0t2b__v8rk-ltAckvdx6zuHDQuWvxFLh7UeGRaAw> <xmx:1rMUZ61xk4pkGcPuCSR9FNmVB-kyMjQ3VICxZ6PBZ8J7pSCvLa4btbfQ>
Feedback-ID: i1c3946f2:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <oauth@ietf.org>; Sun, 20 Oct 2024 03:40:06 -0400 (EDT)
Content-Type: multipart/alternative; boundary="===============1053155767977258415=="
MIME-Version: 1.0
From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: oauth@ietf.org
Message-Id: <20241020083140.679FDC14CE5E@ietfa.amsl.com>
Date: Sun, 20 Oct 2024 01:31:40 -0700
Message-ID-Hash: UD6WXBPRQ47CEXOWC3J6IJKNU2KIZYIK
X-Message-ID-Hash: UD6WXBPRQ47CEXOWC3J6IJKNU2KIZYIK
X-MailFrom: do_not_reply@mnot.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [OAUTH-WG] Weekly github digest (OAuth Activity Summary)
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/5bCdAADAB80TOEv2sAp9AwMq9UQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>



Events without label "editorial"

Issues
------
* oauth-wg/oauth-transaction-tokens (+0/-0/šŸ’¬1)
  1 issues received 1 new comments:
  - #110 Tx token lifetime guidance missing for replacement token (1 by ashayraut)
    https://github.com/oauth-wg/oauth-transaction-tokens/issues/110 

* oauth-wg/oauth-sd-jwt-vc (+1/-0/šŸ’¬1)
  1 issues created:
  - second-guess the choice to use .well-known for type metadata documents (by bc-pi)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/264 

  1 issues received 1 new comments:
  - #264 second-guess the choice to use .well-known for type metadata documents (1 by danielfett)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/264 

* oauth-wg/oauth-selective-disclosure-jwt (+0/-3/šŸ’¬4)
  2 issues received 4 new comments:
  - #468 sd_alg, _sd_alg - Option for claims reuse? (2 by alenhorvat, danielfett)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/468 [ready-to-close] [pending-close] 
  - #464 WGLC updates (2 by Sakurann, bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/464 

  3 issues closed:
  - sd_alg, _sd_alg - Option for claims reuse? https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/468 [ready-to-close] [pending-close] 
  - WGLC updates https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/464 
  - Decoy Digest Implications https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/470 

* oauth-wg/draft-ietf-oauth-status-list (+1/-1/šŸ’¬1)
  1 issues created:
  - Clarify that implementations SHOULD NOT fail when one of the status lists referenced in the aggregation endpoint fails the processing rules (by tplooker)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/182 

  1 issues received 1 new comments:
  - #156 Simplifying compression requirements (1 by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/156 [discuss] 

  1 issues closed:
  - "A Status List can not represent multiple statuses per Referenced Token" https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/51 [discuss] 

* oauth-wg/draft-ietf-oauth-attestation-based-client-auth (+1/-1/šŸ’¬1)
  1 issues created:
  - Delete key attestation example from the Annex (by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/88 

  1 issues received 1 new comments:
  - #86 Restructure sections for presentation of attestation (1 by c2bo)
    https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/86 [ready-for-pr] 

  1 issues closed:
  - Update client attestation pop to include JTI and nonce https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/77 [ready-for-pr] 



Pull requests
-------------
* oauth-wg/oauth-identity-chaining (+1/-2/šŸ’¬0)
  1 pull requests submitted:
  - Updated affiliation (by PieterKas)
    https://github.com/oauth-wg/oauth-identity-chaining/pull/97 

  2 pull requests merged:
  - Update affiliation of Arndt
    https://github.com/oauth-wg/oauth-identity-chaining/pull/96 
  - Updated affiliation for Pieter
    https://github.com/oauth-wg/oauth-identity-chaining/pull/97 

* oauth-wg/oauth-transaction-tokens (+2/-1/šŸ’¬0)
  2 pull requests submitted:
  - Update Transaction Token Service responsibility for replacement tokens #110 (by ashayraut)
    https://github.com/oauth-wg/oauth-transaction-tokens/pull/147 
  - Affiliation change for Pieter (by PieterKas)
    https://github.com/oauth-wg/oauth-transaction-tokens/pull/146 

  1 pull requests merged:
  - Affiliation change for Pieter
    https://github.com/oauth-wg/oauth-transaction-tokens/pull/146 

* oauth-wg/draft-ietf-oauth-resource-metadata (+0/-1/šŸ’¬0)
  1 pull requests merged:
  - Describe motivations for IANA registration procedure
    https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/pull/62 

* oauth-wg/oauth-selective-disclosure-jwt (+3/-6/šŸ’¬5)
  3 pull requests submitted:
  - Update Makefile (by bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/480 
  - Updates for -13 (by danielfett)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/479 
  - Added comment regarding holder guarantees (Addressing Issue #470) (by AlexHodder)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/478 

  3 pull requests received 5 new comments:
  - #476 WGLC updates 4/x (explicit typing discussion) (1 by danielfett)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/476 
  - #475  ISO/IEC 29100 is too private  (2 by bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/475 
  - #467 introduction rewrite (2 by Sakurann, bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/467 [pending-close] 

  6 pull requests merged:
  - Update Makefile
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/480 
  - Updates for -13
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/479 
  - Added comment regarding holder guarantees (Addressing Issue #470)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/478 
  - Rewrite introduction and abstract
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/477 
  - WGLC updates 4/x (explicit typing discussion)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/476 
  - WGLC updates 3/x (Neil's stuff)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/474 

* oauth-wg/draft-ietf-oauth-status-list (+2/-0/šŸ’¬0)
  2 pull requests submitted:
  - fix: update cwt claim definitions (by tplooker)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/184 
  - mixing formats and media types (by c2bo)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/183 

* oauth-wg/draft-ietf-oauth-attestation-based-client-auth (+1/-1/šŸ’¬0)
  1 pull requests submitted:
  - fix PoP examples to include jti and nonce (by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/pull/87 

  1 pull requests merged:
  - fix PoP examples to include jti and nonce
    https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/pull/87 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1
* https://github.com/oauth-wg/draft-ietf-oauth-status-list
* https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth