[OAUTH-WG] Re: Token Status List Shepherd Write-up - Implementations
Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> Tue, 10 June 2025 11:59 UTC
Return-Path: <rifaat.s.ietf@gmail.com>
X-Original-To: oauth@mail2.ietf.org
Delivered-To: oauth@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id C890D3321DA4 for <oauth@mail2.ietf.org>; Tue, 10 Jun 2025 04:59:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id um9A8UikDZoH for <oauth@mail2.ietf.org>; Tue, 10 Jun 2025 04:59:17 -0700 (PDT)
Received: from mail-lf1-x132.google.com (mail-lf1-x132.google.com [IPv6:2a00:1450:4864:20::132]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 701403321D9D for <oauth@ietf.org>; Tue, 10 Jun 2025 04:59:17 -0700 (PDT)
Received: by mail-lf1-x132.google.com with SMTP id 2adb3069b0e04-553246e975fso6219964e87.0 for <oauth@ietf.org>; Tue, 10 Jun 2025 04:59:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1749556756; x=1750161556; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=6Rcx5f8kyYc8r5iaDMoLnYCOXTYMNbtJ5gXxQUnHL2k=; b=DT/Ctql7ffn1zFSg6kwX/7jmD7wg56ck9BEodTz0FiaqF+iynabYp9mWYVMNc7vQU+ gPSo/EJuu7V9AA2ew3a+nj0vMuMZJWbiVVEFQ+tbWTkdv0R6gXEF/NFplyehlDuGjyfd bXTdeNql8e07X4R5eR4AwayU/5EUIQW4yl7/20Sl6uZAb0bWjPgmYFkL7NSA8CM5lCMW KXQGF0uflKs28QBgHfT5ITCnXOD8eZHssaeTpX2r3+NGG0PTayXkISvJ1uKMtY+h8sPF tACsFZ6syoyWk50NxNCLCaqM2Fg0jyhSIaED6kVZZmeqEYfhMHgYM9CcAlqTqNxPjpRM 2iZg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1749556756; x=1750161556; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=6Rcx5f8kyYc8r5iaDMoLnYCOXTYMNbtJ5gXxQUnHL2k=; b=bl8tzGmlSZNarhtbCYJGeNkMCj6pTPqkWa41UFLuQIXpfWZZw5bOl2+1zp6ZbpVqDd Uf7R2qEKyNktCysQqq7f/GG0HDFHXhB2oj9xzxy1yixLgUuG9NTR74GmSllzEgP3s68q 0rMofG8CHS862Nf34s12ghThJABEDSDvNXL7U4V6KK5u04YzK5eNNQRZwc6p6LWoIuSj 2/ziDQlcd3I+lg4J9SyBZM1YFUJICJ0Fk2JXluTTikoNEeYD+hSM7HZAYWdYa5aRZzvJ X6URNL3SgmtXJ2H/AiP3hL+BX7NEtpXxkCt83Zkj9zgWtvIvpuCuq7ThIRa9Q3nhlZjL Tspg==
X-Gm-Message-State: AOJu0YwqjRCeZh9k4urzKQxx2+qDlRToDzxLfNscVebKqfXCEDCdd3JW mBoUARBZpQ2HqbqCDxH98UUO+YTmaqOPIQ6MQ9qSQi8NQlk7A/eMA2t+Bzxp0ZuonAI2GXns3gF BFb87DVAO7FajzxyCM7yJxYdwyTm+vbU=
X-Gm-Gg: ASbGnctJKU2xy5U5fY9IQGT/L7xbmD/9YKmWTdwtRlpDr81Fw6x0/ZFjA0sjadJT//t uiz8/QeZ0RWJ94N7rrHY3LL/ZGCQltPZj1Q+dgh7LDIGL/FaQu2eHCgeL7n51cj3IA13lx0xd30 K7zmHb93hX9FZOKIdJY9UAXK2EmJ9vRhVEog/sxJK5UscBfA==
X-Google-Smtp-Source: AGHT+IGzhoRaQxfMlRCA8An4L0uM1tQhZllt7FKDNxKu1HBTc6GQqup/Es0RMRGSnlmUqfultDkh+kM+jgPYISzyzzU=
X-Received: by 2002:a05:651c:2105:b0:32a:7856:7412 with SMTP id 38308e7fff4ca-32adfe61676mr47961401fa.27.1749556755712; Tue, 10 Jun 2025 04:59:15 -0700 (PDT)
MIME-Version: 1.0
References: <174887501454.25371.12592136904157247695@mail2.ietf.org> <CA+baiBhSmV1+6Qj5PQJLOP12LaTSPwZ0noVHTtF7=4DjWe1+EQ@mail.gmail.com> <7cb6f9f3-2275-4255-902c-27db201331f2@posteo.de>
In-Reply-To: <7cb6f9f3-2275-4255-902c-27db201331f2@posteo.de>
From: Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com>
Date: Tue, 10 Jun 2025 07:59:04 -0400
X-Gm-Features: AX0GCFuopsx1Y7sI-IaraJKDWpieA3-ehkQvBOZhHVhMxLY0CuIhzlrmmgsOcXM
Message-ID: <CADNypP8yTGE5JqKK0a5aXHovfv17xrD+6VX8qkN7Wou=cmYMEw@mail.gmail.com>
To: Paul Bastian <paul.bastian@posteo.de>
Content-Type: multipart/alternative; boundary="000000000000f04d6b0637366c11"
Message-ID-Hash: 5ZWC4NEYITROL77BZ7CSKKX6EFDS7CLN
X-Message-ID-Hash: 5ZWC4NEYITROL77BZ7CSKKX6EFDS7CLN
X-MailFrom: rifaat.s.ietf@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: oauth@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [OAUTH-WG] Re: Token Status List Shepherd Write-up - Implementations
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/B_-o1Y7yQM3UA3c7_vsphS3XInQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>
Do you have links to any of these implementations? Regards, Rifaat On Tue, Jun 10, 2025 at 4:40 AM Paul Bastian <paul.bastian@posteo.de> wrote: > Hi, > > Bundesdruckerei implemented Status List for the German EUDI Wallet > Challenge "FUNKE", so did several other of the Wallet participants. > > Best, Paul > On 6/2/25 17:13, Michael Schwartz wrote: > > Christian, > > We implemented Session Status List in Janssen Auth Server: > https://docs.jans.io/head/janssen-server/auth-server/endpoints/session-status-list/ > > > Also, we have a PR for Status List token validation in the Cedarling PDP > which is almost done: https://github.com/JanssenProject/jans/pull/11520 > > - Mike > > -------------------------------------- > Michael Schwartz > Gluu > Founder/CEO > mike@gluu.org > https://www.linkedin.com/in/nynymike > > On Mon, Jun 2, 2025 at 9:37 AM <oauth-request@ietf.org> wrote: > >> Send OAuth mailing list submissions to >> oauth@ietf.org >> >> To subscribe or unsubscribe via email, send a message with subject or >> body 'help' to >> oauth-request@ietf.org >> >> You can reach the person managing the list at >> oauth-owner@ietf.org >> >> When replying, please edit your Subject line so it is more specific >> than "Re: Contents of OAuth digest..." >> >> Today's Topics: >> >> 1. Re: Token Status List Shepherd Write-up - Implementations >> (Christian Bormann) >> 2. Re: OAuth 2.1 Draft version 12 expired 19.05.2025 >> (Antic Kristian (C/CYG-GE)) >> >> >> ---------------------------------------------------------------------- >> >> Message: 1 >> Date: Mon, 2 Jun 2025 15:02:18 +0200 >> From: Christian Bormann <chris.bormann@gmx.de> >> Subject: [OAUTH-WG] Re: Token Status List Shepherd Write-up - >> Implementations >> To: Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> >> Cc: oauth <oauth@ietf.org> >> Message-ID: <52AFA656-490E-4A1E-A90B-1481AD07D9A7@gmx.de> >> Content-Type: multipart/alternative; >> boundary="Apple-Mail=_814837D8-8D6F-44E8-9B9B-0B27BDC45877" >> >> Hi Rifaat, >> >> We have a small list of open source implementations that we are aware of >> and which agreed to being added to our repository: >> >> https://github.com/oauth-wg/draft-ietf-oauth-status-list?tab=readme-ov-file#implementations-open-source >> >> Regards, >> Christian >> >> > On 1. Jun 2025, at 14:04, Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> >> wrote: >> > >> > All, >> > >> > As part of the shepherd write-up for the Token Status List document, >> > we are looking for information about implementations of this draft. >> > >> > https://datatracker.ietf.org/doc/draft-ietf-oauth-status-list/ >> > >> > Please, reply to this email, on the mailing list, with any >> implementations that you are aware of to support this document. >> > >> > Regards, >> > Rifaat >> > _______________________________________________ >> > OAuth mailing list -- oauth@ietf.org >> > To unsubscribe send an email to oauth-leave@ietf.org >> >> -------------- next part -------------- >> A message part incompatible with plain text digests has been removed ... >> Name: not available >> Type: text/html >> Size: 1492 bytes >> Desc: not available >> >> ------------------------------ >> >> Message: 2 >> Date: Mon, 2 Jun 2025 14:36:48 +0000 >> From: "Antic Kristian (C/CYG-GE)" <Kristian.Antic@de.bosch.com> >> Subject: [OAUTH-WG] Re: OAuth 2.1 Draft version 12 expired 19.05.2025 >> To: Aaron Parecki <aaron=40parecki.com@dmarc.ietf.org>, Rifaat >> Shekh-Yusef <rifaat.s.ietf@gmail.com> >> Cc: "oauth@ietf.org" <oauth@ietf.org> >> Message-ID: <DB9PR10MB80762ECF2748CA29098F2569A162A@DB9PR10MB8076.EUR >> PRD10.PROD.OUTLOOK.COM> >> Content-Type: multipart/alternative; boundary="_000_DB9PR10MB80762E >> CF2748CA29098F2569A162ADB9PR10MB8076EURP_" >> >> Hi, >> >> thank you both for your quick reply and Aaron for the updated draft >> version (https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-13) >> >> Mit freundlichen Grüßen / Best regards >> >> Kristian Antic >> >> Cyber Security - Governance Enterprise IT (C/CYG-GE) >> Robert Bosch GmbH | Postfach 30 02 20 | 70442 Stuttgart | GERMANY | >> www.bosch.com<http://www.bosch.com/> >> Kristian.Antic@de.bosch.com<mailto:Kristian.Antic@de.bosch.com> >> >> Sitz: Stuttgart, Registergericht: Amtsgericht Stuttgart, HRB 14000; >> Aufsichtsratsvorsitzender: Prof. Dr. Stefan Asenkerschbaumer; >> Geschäftsführung: Dr. Stefan Hartung, Dr. Christian Fischer, Dr. Markus >> Forschner, >> Stefan Grosch, Dr. Markus Heyn, Dr. Frank Meyer, Katja von Raven, Dr. >> Tanja Rückert >> >> From: Aaron Parecki <aaron=40parecki.com@dmarc.ietf.org> >> Sent: Wednesday, May 28, 2025 4:07 PM >> To: Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> >> Cc: Antic Kristian (C/CYG-GE) <Kristian.Antic@de.bosch.com>; >> oauth@ietf.org >> Subject: Re: [OAUTH-WG] Re: OAuth 2.1 Draft version 12 expired 19.05.2025 >> >> I've been working on related documents, mainly the OAuth for Browser Apps >> BCP, and haven't come back around to this one in a while. >> >> I just published an update that fixes some references including updating >> the Security BCP references to RFC 9700, so it shows as an active draft >> again. >> >> Aaron >> >> >> On Fri, May 23, 2025 at 4:09 AM Rifaat Shekh-Yusef < >> rifaat.s.ietf@gmail.com<mailto:rifaat.s.ietf@gmail.com>> wrote: >> Hi Kristian, >> >> No, this does not mean that the document is near finalization. >> This just means that the authors did not have a chance to work on the >> document. >> >> Regards, >> Rifaat >> >> >> >> On Fri, May 23, 2025 at 5:02 AM Antic Kristian (C/CYG-GE) <Kristian.Antic= >> 40de.bosch.com@dmarc.ietf.org<mailto:40de.bosch.com@dmarc.ietf.org>> >> wrote: >> Dear OAuth Working Group, >> >> I have noticed that the latest draft (draft-ietf-oauth-v2-1-12< >> https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-12>) for >> OAuth 2.1 has expired on May 19, 2024. >> I would like to inquire whether this indicates that the specification is >> nearing finalization, or if work is underway on a new draft version. >> Thank you for your time and clarification. >> >> Mit freundlichen Grüßen / Best regards >> >> Kristian Antic >> >> Cyber Security - Governance Enterprise IT (C/CYG-GE) >> Robert Bosch GmbH | Postfach 30 02 20 | 70442 Stuttgart | GERMANY | >> www.bosch.com<http://www.bosch.com/> >> Kristian.Antic@de.bosch.com<mailto:Kristian.Antic@de.bosch.com> >> >> Sitz: Stuttgart, Registergericht: Amtsgericht Stuttgart, HRB 14000; >> Aufsichtsratsvorsitzender: Prof. Dr. Stefan Asenkerschbaumer; >> Geschäftsführung: Dr. Stefan Hartung, Dr. Christian Fischer, Dr. Markus >> Forschner, >> Stefan Grosch, Dr. Markus Heyn, Dr. Frank Meyer, Katja von Raven, Dr. >> Tanja Rückert >> >> _______________________________________________ >> OAuth mailing list -- oauth@ietf.org<mailto:oauth@ietf.org> >> To unsubscribe send an email to oauth-leave@ietf.org<mailto: >> oauth-leave@ietf.org> >> _______________________________________________ >> OAuth mailing list -- oauth@ietf.org<mailto:oauth@ietf.org> >> To unsubscribe send an email to oauth-leave@ietf.org<mailto: >> oauth-leave@ietf.org> >> -------------- next part -------------- >> A message part incompatible with plain text digests has been removed ... >> Name: not available >> Type: text/html >> Size: 9718 bytes >> Desc: not available >> >> ------------------------------ >> >> Subject: Digest Footer >> >> _______________________________________________ >> OAuth mailing list -- oauth@ietf.org >> To unsubscribe send an email to oauth-leave@ietf.org >> >> >> ------------------------------ >> >> End of OAuth Digest, Vol 200, Issue 2 >> ************************************* >> > > > ------------------------------ > *CONFIDENTIALITY NOTICE* > This message may contain confidential or legally privileged information. > If you are not the intended recipient, please immediately advise the > sender by reply e-mail that you received this message, and delete this > e-mail from your system. > Thank you for your cooperation > > _______________________________________________ > OAuth mailing list -- oauth@ietf.org > To unsubscribe send an email to oauth-leave@ietf.org > > _______________________________________________ > OAuth mailing list -- oauth@ietf.org > To unsubscribe send an email to oauth-leave@ietf.org >
- [OAUTH-WG] Token Status List Shepherd Write-up - … Rifaat Shekh-Yusef
- [OAUTH-WG] Re: Token Status List Shepherd Write-u… Michael Schwartz
- [OAUTH-WG] Re: Token Status List Shepherd Write-u… Christian Bormann
- [OAUTH-WG] Re: Token Status List Shepherd Write-u… Paul Bastian
- [OAUTH-WG] Re: Token Status List Shepherd Write-u… Rifaat Shekh-Yusef