[OAUTH-WG] OAuth Security Session, Monday, November 8, 1300-1500

Hannes Tschofenig <hannes.tschofenig@nsn.com> Wed, 27 October 2010 11:38 UTC

Return-Path: <hannes.tschofenig@nsn.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E5C6A3A69AA for <oauth@core3.amsl.com>; Wed, 27 Oct 2010 04:38:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.454
X-Spam-Level:
X-Spam-Status: No, score=-102.454 tagged_above=-999 required=5 tests=[AWL=0.145, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rqJYeDmd5UmJ for <oauth@core3.amsl.com>; Wed, 27 Oct 2010 04:38:50 -0700 (PDT)
Received: from demumfd001.nsn-inter.net (demumfd001.nsn-inter.net [93.183.12.32]) by core3.amsl.com (Postfix) with ESMTP id A833D3A69B7 for <oauth@ietf.org>; Wed, 27 Oct 2010 04:38:49 -0700 (PDT)
Received: from demuprx017.emea.nsn-intra.net ([10.150.129.56]) by demumfd001.nsn-inter.net (8.12.11.20060308/8.12.11) with ESMTP id o9RBeceW022510 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <oauth@ietf.org>; Wed, 27 Oct 2010 13:40:38 +0200
Received: from demuexc022.nsn-intra.net (demuexc022.nsn-intra.net [10.150.128.35]) by demuprx017.emea.nsn-intra.net (8.12.11.20060308/8.12.11) with ESMTP id o9RBeXAG022351 for <oauth@ietf.org>; Wed, 27 Oct 2010 13:40:38 +0200
Received: from FIESEXC015.nsn-intra.net ([10.159.0.23]) by demuexc022.nsn-intra.net with Microsoft SMTPSVC(6.0.3790.4675); Wed, 27 Oct 2010 13:40:34 +0200
Received: from 10.144.234.211 ([10.144.234.211]) by FIESEXC015.nsn-intra.net ([10.159.0.28]) via Exchange Front-End Server webmail.nsn-intra.net ([10.150.128.36]) with Microsoft Exchange Server HTTP-DAV ; Wed, 27 Oct 2010 11:40:32 +0000
User-Agent: Microsoft-Entourage/12.27.0.100910
Date: Wed, 27 Oct 2010 14:40:29 +0300
From: Hannes Tschofenig <hannes.tschofenig@nsn.com>
To: <oauth@ietf.org>
Message-ID: <C8EDEA5D.251C%hannes.tschofenig@nsn.com>
Thread-Topic: OAuth Security Session, Monday, November 8, 1300-1500
Thread-Index: Act1y8Et/Cb1HxQiukS1NX4yWyZ0KQ==
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
X-OriginalArrivalTime: 27 Oct 2010 11:40:34.0229 (UTC) FILETIME=[C44B9650:01CB75CB]
Subject: [OAUTH-WG] OAuth Security Session, Monday, November 8, 1300-1500
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Oct 2010 11:38:53 -0000

Hi all, 

We will start our conversations about Oauth security on Monday, November 8,
1300-1500. 

As a starting point I suggest to look at:
http://trac.tools.ietf.org/wg/oauth/trac/wiki/SecurityConsiderations
http://trac.tools.ietf.org/wg/oauth/trac/wiki/SignaturesWhy
http://tools.ietf.org/id/draft-tschofenig-oauth-signature-thoughts-00.txt

I will post information about the meeting room to the Oauth mailing list in
time before the meeting.

Ciao
Hannes