[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Repository Activity Summary Bot <do_not_reply@mnot.net> Sun, 16 June 2024 07:40 UTC

Return-Path: <do_not_reply@mnot.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D7DEC151064 for <oauth@ietfa.amsl.com>; Sun, 16 Jun 2024 00:40:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.706
X-Spam-Level:
X-Spam-Status: No, score=-6.706 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=mnot.net header.b="GNdTnKbC"; dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=messagingengine.com header.b="WTvK8AY5"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qW18rQPbnIRe for <oauth@ietfa.amsl.com>; Sun, 16 Jun 2024 00:40:07 -0700 (PDT)
Received: from fout8-smtp.messagingengine.com (fout8-smtp.messagingengine.com [103.168.172.151]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0328DC151071 for <oauth@ietf.org>; Sun, 16 Jun 2024 00:40:06 -0700 (PDT)
Received: from compute6.internal (compute6.nyi.internal [10.202.2.47]) by mailfout.nyi.internal (Postfix) with ESMTP id 3AEF413801BF for <oauth@ietf.org>; Sun, 16 Jun 2024 03:40:06 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163]) by compute6.internal (MEProxy); Sun, 16 Jun 2024 03:40:06 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :content-type:content-type:date:from:from:in-reply-to :mime-version:reply-to:subject:subject:to:to; s=fm2; t= 1718523606; x=1718610006; bh=yBncindd0pwJRFfqvtLNJA1Mgsxh+y3QB3v BnzwlQos=; b=GNdTnKbCq4ntxKDlYJXeWK6sel+rwi9vCc/SVkNEsSYv1Flhhgn 0aZkfxOut27HRMWNHQwqNXdsKc2ffqYngJBb2yJ8d/7X+TrqAGFJYo5aHpRzUPYP PeDyax7lk2l6dOPLag6MCRNNMbzJ8xZIRlPaKoLsODr5S5+9jhp6dB9wjaW8PRdV rlatmW896yYx4C6N3NW6lkQCgKp9HNqGHFBeKoBDknc6P2LeGelT2T8yxDUdr4wc gUnf2mfiao6uuM3C1zIydhVCN/t6m/HvqgyHeAqScF/AVLYT93ltww6TmILYgi7j Byk/cSDMS2aeRyVh/6/fSvS+IiT/PQKGYog==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date :feedback-id:feedback-id:from:from:in-reply-to:mime-version :reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1718523606; x= 1718610006; bh=yBncindd0pwJRFfqvtLNJA1Mgsxh+y3QB3vBnzwlQos=; b=W TvK8AY5wnxey/MsE8ZfrfCjGNJ+YJSqvMFkySb06XH1yOOBZHFvNXwhh7u29xeSD Q9eNw1LwYugZtjdlYq3HX09jYB43gqu6VcYE6K0tkuNRXtO9T0PoK1sdiS5yjU1I 9jr4KUwGr+rylXXvTGbuEh8rGIgi/iAlxpt73iyq8rGn5F/fZ2layS0ZXckRAZfd AK60urpi5JsjqMvZ6J2YjZTAunW/q41DT2BV9NjmyvX39ankVpRnVcQEQZVGQfgh LMVP6pio3vSf55ZiGkj0P0gMq5PfhLYQ2yb8qmpSul/V7GLLlJxZHPMo9pYrVEb9 R1ASSwfTYpE237cUDjiuA==
X-ME-Sender: <xms:1pZuZlTkQqYH-qVvX5Tb1Ln3HbtM7c1CNgKhnqJ0LzeJvYinRkMwCw> <xme:1pZuZuzLBIGTw0x4NiHyi2ZzPaRMUMm7_QWoHCjHbHIRdgG6KbIedTMEdP1_qzMp3 usKEDOkJzHuTa5AzA>
X-ME-Received: <xmr:1pZuZq0zMduPLkrTTrbt7uM6H3wQ2sf508vNfygLOJW0S9etxneatUfhcv9_>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvledrfedvvddguddvfecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecupfhoucgurghtvgcufhhivghlugculdegledmne cujfgurheptggghffvufesrgdttdertddtjeenucfhrhhomheptfgvphhoshhithhorhih ucettghtihhvihhthicuufhumhhmrghrhicuuehothcuoeguohgpnhhothgprhgvphhlhi esmhhnohhtrdhnvghtqeenucggtffrrghtthgvrhhnpeekfedvudetjedvfeekheeiveeu gfefhfetteevgeffkefffeetffdvleehudeiteenucffohhmrghinhepghhithhhuhgsrd gtohhmnecuvehluhhsthgvrhfuihiivgepgeenucfrrghrrghmpehmrghilhhfrhhomhep ughopghnohhtpghrvghplhihsehmnhhothdrnhgvth
X-ME-Proxy: <xmx:1pZuZtDav3ZBN73UzRRCKEqeAnCCGx5GWVhm78jkRfOsH9B5CLs2bQ> <xmx:1pZuZujOSkJiFIDuAOdkfA8A4BuIVJbXBzjNzHESbJgG1ll-8CzO_A> <xmx:1pZuZholhd7eivx0rb4kqr8ZVAaCqLnLKVbiufcV4pH6XiQrjUV1qg> <xmx:1pZuZpi5m5D-jxR8vOjxz9CEKc3o8abQT1oPMh7zriBx9YHCGSnFTw> <xmx:1pZuZhvReb4De6sdOcnD9BCWqyA05o2ep68uGgosuLFo2CASk3fmBW7P>
Feedback-ID: i1c3946f2:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <oauth@ietf.org>; Sun, 16 Jun 2024 03:40:05 -0400 (EDT)
Content-Type: multipart/alternative; boundary="===============5473625965784750741=="
MIME-Version: 1.0
From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: oauth@ietf.org
Message-Id: <20240616074007.0328DC151071@ietfa.amsl.com>
Date: Sun, 16 Jun 2024 00:40:06 -0700
Message-ID-Hash: BKIFFYF4BJK2RMGLSIPWJHTSP4C6AYK7
X-Message-ID-Hash: BKIFFYF4BJK2RMGLSIPWJHTSP4C6AYK7
X-MailFrom: do_not_reply@mnot.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [OAUTH-WG] Weekly github digest (OAuth Activity Summary)
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/EAkMhqgDMDy0scPm5hCZV4nG7Ns>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>



Events without label "editorial"

Issues
------
* oauth-wg/oauth-transaction-tokens (+0/-7/šŸ’¬11)
  9 issues received 11 new comments:
  - #96 Deployment models for the Transaction Token Service (1 by tulshi)
    https://github.com/oauth-wg/oauth-transaction-tokens/issues/96 
  - #95 Define discovery metadata for support of the Transaction Token functionality (1 by tulshi)
    https://github.com/oauth-wg/oauth-transaction-tokens/issues/95 [IETF120-discuss] 
  - #91 Clarification on additional signatures (1 by tulshi)
    https://github.com/oauth-wg/oauth-transaction-tokens/issues/91 
  - #88 Additional guidance on privacy in logging  (1 by tulshi)
    https://github.com/oauth-wg/oauth-transaction-tokens/issues/88 
  - #81 Clarify `sub` field (1 by tulshi)
    https://github.com/oauth-wg/oauth-transaction-tokens/issues/81 
  - #80 Extensibility of `azd` and `rctx` (3 by tulshi, yaronf)
    https://github.com/oauth-wg/oauth-transaction-tokens/issues/80 [IETF120-discuss] 
  - #79 Clarify difference between `rctx` and `azd` (1 by tulshi)
    https://github.com/oauth-wg/oauth-transaction-tokens/issues/79 
  - #78 `purp` claim name and optionality (1 by tulshi)
    https://github.com/oauth-wg/oauth-transaction-tokens/issues/78 
  - #53 Transaction Tokens for S2S calls (1 by tulshi)
    https://github.com/oauth-wg/oauth-transaction-tokens/issues/53 

  7 issues closed:
  - typo: `ieft` -> `ietf`  in `urn:ieft:params:oauth:token-type:txn-token` https://github.com/oauth-wg/oauth-transaction-tokens/issues/94 
  - Clarification on additional signatures https://github.com/oauth-wg/oauth-transaction-tokens/issues/91 
  - Additional guidance on privacy in logging  https://github.com/oauth-wg/oauth-transaction-tokens/issues/88 
  - Clarify `sub` field https://github.com/oauth-wg/oauth-transaction-tokens/issues/81 
  - Move 'aud' requirement in Trust Domain away from 'Terminology' section https://github.com/oauth-wg/oauth-transaction-tokens/issues/76 
  - Transaction Tokens for S2S calls https://github.com/oauth-wg/oauth-transaction-tokens/issues/53 
  - Possible confusion in IANA registry section https://github.com/oauth-wg/oauth-transaction-tokens/issues/84 

* oauth-wg/oauth-sd-jwt-vc (+0/-2/šŸ’¬2)
  2 issues received 2 new comments:
  - #211 Consider supporting IPLD links in vct field (1 by oed)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/211 [discuss] 
  - #208 SD-JWT VC Chaining / Delegation? (1 by awoie)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/208 [pending close] 

  2 issues closed:
  - SD-JWT VC Chaining / Delegation? https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/208 [pending close] 
  - Consider supporting IPLD links in vct field https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/211 [discuss] 

* oauth-wg/oauth-selective-disclosure-jwt (+0/-4/šŸ’¬2)
  2 issues received 2 new comments:
  - #419 why isn't cnf the only way to bind to a holder public key? (1 by bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/419 [ready-for-PR] 
  - #393 Provide ABNF (1 by bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/393 

  4 issues closed:
  - why isn't cnf the only way to bind to a holder public key? https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/419 [has-PR] 
  - Provide ABNF https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/393 [has-PR] 
  - Adapt JWS JSON Serialization wording to new terms SD-JWT/SD-JWT+KB https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/426 [has-PR] 
  - Separate token and presentation formats https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/374 [has-PR] 

* oauth-wg/oauth-v2-1 (+0/-1/šŸ’¬0)
  1 issues closed:
  - Typo: resource server instead of resource https://github.com/oauth-wg/oauth-v2-1/issues/177 



Pull requests
-------------
* oauth-wg/oauth-transaction-tokens (+1/-1/šŸ’¬0)
  1 pull requests submitted:
  - fixed typo ieft->ietf (issue #94) (by tulshi)
    https://github.com/oauth-wg/oauth-transaction-tokens/pull/98 

  1 pull requests merged:
  - fixed typo ieft->ietf (issue #94)
    https://github.com/oauth-wg/oauth-transaction-tokens/pull/98 

* oauth-wg/oauth-sd-jwt-vc (+0/-0/šŸ’¬1)
  1 pull requests received 1 new comments:
  - #231 Add schema type metadata (1 by awoie)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/231 

* oauth-wg/oauth-selective-disclosure-jwt (+4/-5/šŸ’¬6)
  4 pull requests submitted:
  - exclusively use the cnf claim for enabling Key Binding (by bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/435 
  - add ABNF for those who celebrate (by bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/434 
  - add some ABNF for those who celebrate (by bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/433 
  - fix up permutations of the figures/examples in SD-JWT Data Formats (by bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/432 

  3 pull requests received 6 new comments:
  - #435 exclusively use the cnf claim for enabling Key Binding (1 by bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/435 
  - #431 Clarify algorithms for recursive disclosures (3 by Sakurann, bc-pi, danielfett)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/431 
  - #394 Distinguish SD-JWT from SD-JWT+KB (2 by Sakurann, bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/394 

  5 pull requests merged:
  - exclusively use the cnf claim for enabling Key Binding
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/435 
  - fix up permutations of the figures/examples in SD-JWT Data Formats
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/432 
  - add ABNF for those who celebrate
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/434 
  - Update terminology in JWS JSON Serialization
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/427 
  - Distinguish SD-JWT from SD-JWT+KB
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/394 

* oauth-wg/oauth-v2-1 (+0/-1/šŸ’¬0)
  1 pull requests merged:
  - add self to acknowledgements
    https://github.com/oauth-wg/oauth-v2-1/pull/182 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1