[OAUTH-WG] Fwd: New Version Notification for draft-campbell-oauth-tbpkce-00.txt
Brian Campbell <bcampbell@pingidentity.com> Fri, 08 July 2016 17:12 UTC
Return-Path: <bcampbell@pingidentity.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 93DDE12D580 for <oauth@ietfa.amsl.com>; Fri, 8 Jul 2016 10:12:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pingidentity.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MNv8VUn0uOpc for <oauth@ietfa.amsl.com>; Fri, 8 Jul 2016 10:12:01 -0700 (PDT)
Received: from mail-it0-x22f.google.com (mail-it0-x22f.google.com [IPv6:2607:f8b0:4001:c0b::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA17C12D592 for <oauth@ietf.org>; Fri, 8 Jul 2016 10:12:01 -0700 (PDT)
Received: by mail-it0-x22f.google.com with SMTP id j8so2234659itb.1 for <oauth@ietf.org>; Fri, 08 Jul 2016 10:12:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=gmail; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=o14Dx3MeH2p7LgtPEaZo5QeUDUvhTvrHqP+/me08QtA=; b=DXRBrTHWuch3MaSUyCpLEIx49EPPcAbrc1BZQlKE4EkTnsbI0LZJduLzTD7yePlyId MdcQcg4nbbeuiS5zx6fI+zWo+v8NE0OylGfZCL704Jb6DXY4DG5CdWZDEV2Es1IBTgsA wTHfh6BMm19R0pKhvBKtddRtBkvUOaXPpMNaw=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=o14Dx3MeH2p7LgtPEaZo5QeUDUvhTvrHqP+/me08QtA=; b=ECavLawUn2XZ0q8bSr62+02LvkE5RkeiiaHV3jMfnDsj7/DXiU3D46Qr2xcIm3+WmE ksRYG4n4/0zi+HhS9JKZhPVN7vG0dHv5bZtSGIWbynoURvoGe7feUszB5SNgQ8K+sRX4 swPZTrQRSS9W2+YQk8sPWUjW4j8ZUHvOahnoXZ2BEDPEM87CzPRoITf5VxOP7gKanjaI eGijfzS3mGPyXMNAIyBMXY0OYda9/k/MB6zUmAXeMXrw67jMrlBBQFMha2yiyuLgMDZj /LHczjEbmd8ynCy5VBkn5/MVKimShk1KLZKBWAMTNnlsig7EDilGayL34+Is8wWhaglK /oTw==
X-Gm-Message-State: ALyK8tIVSLw/I159uU1q6b3ecTTo78igw7kU5TXGLUGS6HxikF9e5Hp/lVChS1iVMeh7hyHtJSFPaFhjNqpYu1GP
X-Received: by 10.36.110.142 with SMTP id w136mr4502445itc.63.1467997920833; Fri, 08 Jul 2016 10:12:00 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.79.120.194 with HTTP; Fri, 8 Jul 2016 10:11:30 -0700 (PDT)
In-Reply-To: <CAAX2Qa2vG8Wa=t1FhdC4-aPSBwTaxw+Fk1bdaLV_HTwmRAvXdw@mail.gmail.com>
References: <20160708162532.32067.26007.idtracker@ietfa.amsl.com> <CAAX2Qa2vG8Wa=t1FhdC4-aPSBwTaxw+Fk1bdaLV_HTwmRAvXdw@mail.gmail.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Fri, 08 Jul 2016 11:11:30 -0600
Message-ID: <CA+k3eCSXGCE++Py9ziNg+15iAUEGphJyf-_jH5ABUppyPTwjig@mail.gmail.com>
To: oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="001a11485f429a4ca0053722e6e2"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/BhyAA0F7ari8Ncqqm1MhM0Rg01E>
Cc: "oauth-chairs@tools.ietf.org" <oauth-chairs@tools.ietf.org>
Subject: [OAUTH-WG] Fwd: New Version Notification for draft-campbell-oauth-tbpkce-00.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Jul 2016 17:12:03 -0000
This extremely short draft is an initial take at utilizing Token Binding for PKCE. Charis, I'd like to request a small chunk of time in Berlin to present this as part of the wider conversation around the applications of Token Binding to OAuth. Thanks! ---------- Forwarded message ---------- From: <internet-drafts@ietf.org> Date: Fri, Jul 8, 2016 at 10:25 AM Subject: New Version Notification for draft-campbell-oauth-tbpkce-00.txt To: <...> A new version of I-D, draft-campbell-oauth-tbpkce-00.txt has been successfully submitted by Brian Campbell and posted to the IETF repository. Name: draft-campbell-oauth-tbpkce Revision: 00 Title: A Token Binding method for OAuth 2.0 Proof Key for Code Exchange Document date: 2016-07-08 Group: Individual Submission Pages: 5 URL: https://www.ietf.org/internet-drafts/draft-campbell-oauth-tbpkce-00.txt Status: https://datatracker.ietf.org/doc/draft-campbell-oauth-tbpkce/ Htmlized: https://tools.ietf.org/html/draft-campbell-oauth-tbpkce-00 Abstract: This specification describes a Proof Key for Code Exchange (PKCE) [RFC7636] method utilizing Token Binding over HTTP [I-D.ietf-tokbind-https] to cryptographically bind the OAuth 2.0 [RFC6749] authorization code to a key pair on the client, which it proves possession of during the access token request with the authorization code. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat
- [OAUTH-WG] Fwd: New Version Notification for draf… Brian Campbell
- Re: [OAUTH-WG] New Version Notification for draft… Brian Campbell