Re: [OAUTH-WG] Authentication Method Reference Values is now RFC 8176

"Phil Hunt (IDM)" <phil.hunt@oracle.com> Sat, 17 June 2017 02:25 UTC

Return-Path: <phil.hunt@oracle.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D39E12E854 for <oauth@ietfa.amsl.com>; Fri, 16 Jun 2017 19:25:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.137
X-Spam-Level:
X-Spam-Status: No, score=-2.137 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, HTML_OBFUSCATE_10_20=0.093, HTTPS_HTTP_MISMATCH=1.989, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X1wlQA3SdnFb for <oauth@ietfa.amsl.com>; Fri, 16 Jun 2017 19:25:39 -0700 (PDT)
Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0F3FC126CC7 for <oauth@ietf.org>; Fri, 16 Jun 2017 19:25:39 -0700 (PDT)
Received: from aserv0021.oracle.com (aserv0021.oracle.com [141.146.126.233]) by userp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id v5H2Pb3t001782 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Sat, 17 Jun 2017 02:25:38 GMT
Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235]) by aserv0021.oracle.com (8.13.8/8.14.4) with ESMTP id v5H2Pbgr007403 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Sat, 17 Jun 2017 02:25:37 GMT
Received: from abhmp0002.oracle.com (abhmp0002.oracle.com [141.146.116.8]) by aserv0121.oracle.com (8.13.8/8.13.8) with ESMTP id v5H2PZLm027581; Sat, 17 Jun 2017 02:25:36 GMT
Received: from [192.168.1.22] (/174.7.250.104) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 16 Jun 2017 19:25:35 -0700
Content-Type: multipart/alternative; boundary=Apple-Mail-1FBD6D2D-90BC-432A-8B19-8E3464045E46
Mime-Version: 1.0 (1.0)
From: "Phil Hunt (IDM)" <phil.hunt@oracle.com>
X-Mailer: iPhone Mail (14F89)
In-Reply-To: <CY4PR21MB0504ED00B9D8A5381A19AE0EF5C60@CY4PR21MB0504.namprd21.prod.outlook.com>
Date: Fri, 16 Jun 2017 19:25:33 -0700
Cc: "oauth@ietf.org" <oauth@ietf.org>
Content-Transfer-Encoding: 7bit
Message-Id: <FBB3E971-3E3C-474C-B82C-6C23058002CB@oracle.com>
References: <CY4PR21MB0504ED00B9D8A5381A19AE0EF5C60@CY4PR21MB0504.namprd21.prod.outlook.com>
To: Mike Jones <Michael.Jones@microsoft.com>
X-Source-IP: aserv0021.oracle.com [141.146.126.233]
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/EsvfB9LCBo5HjvErTbu5g8_-oh0>
Subject: Re: [OAUTH-WG] Authentication Method Reference Values is now RFC 8176
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 17 Jun 2017 02:25:41 -0000

Thank you Mike!

Phil

> On Jun 16, 2017, at 5:50 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:
> 
> The Authentication Method Reference Values specification is now RFC 8176.  The abstract describes the specification as:
>  
> The amr (Authentication Methods References) claim is defined and registered in the IANA "JSON Web Token Claims" registry, but no standard Authentication Method Reference values are currently defined. This specification establishes a registry for Authentication Method Reference values and defines an initial set of Authentication Method Reference values.
>  
> The specification defines and registers some Authentication Method Reference values such as the following, which are already in use by some Google and Microsoft products and OpenID specifications:
> “face” – Facial recognition
> “fpt” – Fingerprint
> “hwk” – Proof-of-possession of a hardware-secured key
> “otp” – One-time password
> “pin” – Personal Identification Number
> “pwd” – Password
> “swk” – Proof-of-possession of a software-secured key
> “sms” – Confirmation using SMS
> “user” – User presence test
> “wia” – Windows Integrated Authentication
> See https://www.iana.org/assignments/authentication-method-reference-values/ for the full list of registered values.
>  
> Thanks to Caleb Baker, Phil Hunt, Tony Nadalin, and William Denniss, all of whom substantially contributed to the specification.  Thanks also to the OAuth working group members, chairs, area directors, and other IETF members who helped refine the specification.
>  
>                                                                 -- Mike
>  
> P.S.  This announcement was also posted at http://self-issued.info/?p=1701 and as @selfissued.
>  
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_oauth&d=DwICAg&c=RoP1YumCXCgaWHvlZYR8PQcxBKCX5YTpkKY057SbK10&r=JBm5biRrKugCH0FkITSeGJxPEivzjWwlNKe4C_lLIGk&m=c4h3kFuEtVHltGQ2Mo4qOxZUNOdHh2wTrdydAc7z8zQ&s=SzWRl9usAtrZR4uccnnP_Cq3XEwz6np9UhOmTtxF8rA&e=