Re: [OAUTH-WG] REVISED Last Call: <draft-ietf-oauth-v2-bearer-15.txt> (The OAuth 2.0 Authorization Protocol: Bearer Tokens) to Proposed Standard
Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 24 January 2012 15:06 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3991921F8646; Tue, 24 Jan 2012 07:06:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.885
X-Spam-Level:
X-Spam-Status: No, score=-102.885 tagged_above=-999 required=5 tests=[AWL=-0.286, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kms5gnvHffwh; Tue, 24 Jan 2012 07:06:40 -0800 (PST)
Received: from scss.tcd.ie (hermes.cs.tcd.ie [IPv6:2001:770:10:200:889f:cdff:fe8d:ccd2]) by ietfa.amsl.com (Postfix) with ESMTP id 6E89921F8638; Tue, 24 Jan 2012 07:06:40 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by hermes.scss.tcd.ie (Postfix) with ESMTP id D668C171D15; Tue, 24 Jan 2012 15:06:39 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; h= content-transfer-encoding:content-type:in-reply-to:references :subject:mime-version:user-agent:from:date:message-id:received :received:x-virus-scanned; s=cs; t=1327417599; bh=sA+ugQ1NuCVFPq BNwJSHsTR71jDsoOfbh+MR1EKI2tg=; b=HMX+oR74o/fALoZNS8S4gQQ2kqEBu2 4jCMql3XT4OnQKGfOQC5SMBeelWlv6C3U7M/Zy/pcFtw1mcfOFygynI0zAjDn0VX DM4DHCWsuXmMwnVwLMa+1a9T3zEXLTA3wMz1WnGmfAf9Q/8+C/hJfIq/8qFZukWS LjK18HJIhocCSTYirQj1UW2TXDbz/jzXkzEf3P3j3nFjzBggIzw2rHZTzmy832vC x1nm2PsEqK5LYKpfoa865QF9K63CFSy7gQl4+XWg7S/V0dFMrUQ8Jz7V1N3IxMkF tSsTsocfFH//XfEX3iONRJU2OOR/TU+6lKT/Bg8D78wU38sP3Gdm142Q==
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from scss.tcd.ie ([127.0.0.1]) by localhost (scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10027) with ESMTP id 2lZhsqgULZr6; Tue, 24 Jan 2012 15:06:39 +0000 (GMT)
Received: from [10.1.1.138] (wifi.ist.utl.pt [193.136.128.57]) by smtp.scss.tcd.ie (Postfix) with ESMTPSA id A6AA7171C04; Tue, 24 Jan 2012 15:06:38 +0000 (GMT)
Message-ID: <4F1EC8FD.2020307@cs.tcd.ie>
Date: Tue, 24 Jan 2012 15:06:37 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:9.0) Gecko/20111222 Thunderbird/9.0.1
MIME-Version: 1.0
To: ietf@ietf.org
References: <20120124150006.1521.19292.idtracker@ietfa.amsl.com>
In-Reply-To: <20120124150006.1521.19292.idtracker@ietfa.amsl.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: The IESG <iesg-secretary@ietf.org>, oauth@ietf.org, IETF-Announce <ietf-announce@ietf.org>
Subject: Re: [OAUTH-WG] REVISED Last Call: <draft-ietf-oauth-v2-bearer-15.txt> (The OAuth 2.0 Authorization Protocol: Bearer Tokens) to Proposed Standard
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Jan 2012 15:06:41 -0000
Folks, The OAuth bearer and base last calls had to be re-done since I forgot to include some downref information. Other than adding a day to IETF LC, there should be no other difference. Sorry about that. S On 01/24/2012 03:00 PM, The IESG wrote: > > The IESG has received a request from the Web Authorization Protocol WG > (oauth) to consider the following document: > - 'The OAuth 2.0 Authorization Protocol: Bearer Tokens' > <draft-ietf-oauth-v2-bearer-15.txt> as a Proposed Standard > > The IESG plans to make a decision in the next few weeks, and solicits > final comments on this action. Please send substantive comments to the > ietf@ietf.org mailing lists by 2012-02-07. Exceptionally, comments may be > sent to iesg@ietf.org instead. In either case, please retain the > beginning of the Subject line to allow automated sorting. > > Abstract > > > This specification describes how to use bearer tokens in HTTP > requests to access OAuth 2.0 protected resources. Any party in > possession of a bearer token (a "bearer") can use it to get access to > the associated resources (without demonstrating possession of a > cryptographic key). To prevent misuse, bearer tokens need to be > protected from disclosure in storage and in transport. > > > * There is a normative reference to RFC 2246 (TLS 1.0), which has been > obsoleted by RFC 5246 (TLS 1.2). The document uses this reference to > note that TLS 1.0 is, at this writing, the most widely deployed > version. The working group believes it is necessary to note that, and > that the reference be normative. > > > The file can be obtained via > http://datatracker.ietf.org/doc/draft-ietf-oauth-v2-bearer/ > > IESG discussion can be tracked via > http://datatracker.ietf.org/doc/draft-ietf-oauth-v2-bearer/ > > > No IPR declarations have been submitted directly on this I-D. > > > _______________________________________________ > IETF-Announce mailing list > IETF-Announce@ietf.org > https://www.ietf.org/mailman/listinfo/ietf-announce >
- [OAUTH-WG] REVISED Last Call: <draft-ietf-oauth-v… The IESG
- Re: [OAUTH-WG] REVISED Last Call: <draft-ietf-oau… Stephen Farrell