Re: [OAUTH-WG] Fwd: New Version Notification for draft-campbell-oauth-mtls-00.txt

Sergey Beryozkin <sberyozkin@gmail.com> Fri, 07 April 2017 20:51 UTC

Return-Path: <sberyozkin@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E81C127869 for <oauth@ietfa.amsl.com>; Fri, 7 Apr 2017 13:51:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DzNIk4a8OcKK for <oauth@ietfa.amsl.com>; Fri, 7 Apr 2017 13:51:36 -0700 (PDT)
Received: from mail-wr0-x235.google.com (mail-wr0-x235.google.com [IPv6:2a00:1450:400c:c0c::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 20D9B127866 for <oauth@ietf.org>; Fri, 7 Apr 2017 13:51:36 -0700 (PDT)
Received: by mail-wr0-x235.google.com with SMTP id t20so116454904wra.1 for <oauth@ietf.org>; Fri, 07 Apr 2017 13:51:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding; bh=uXhBjOBDM6KVyipRsQ6iplinvv3GcjbrU7qAfN3twyk=; b=eHn7skuPVOpWmLGXmK+Pnpu8IGwhZi3HVFZiBfyWtU2DsFWDwI0Cmt44+AC4F95r9x HlaVRv0jxEuqihTIxRhqzTIDKi6DU/ICSZMFzt741v/CXcGof4IfeFhrthshlVRzgQdl pTrX2GVFEG+tPmQ3wW4+U8U7FR7zktgYYEfuPJ/S11Ee42APyaoZoJBt5IINHzAtMxe/ de7Qq7d8m0XA4/2yUwbD+a/L1eDOKGuTyZrXSgddzIm+5QkJre3icbr3zFC5ZmVwSbrf pzZTrr8CUgZUjYSMJY4LO4wlWhU0S+BkYYxwwdA+7k2iT1GVdQytjSH3pGLxqXk0Ey9+ U/OA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:cc:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=uXhBjOBDM6KVyipRsQ6iplinvv3GcjbrU7qAfN3twyk=; b=FBGctoyKskXkO5p7T93FQhpI0w8J+V9WnKBo4RQcRceRa9HVLzjUJaloaOO4oxs+0x 0+kUQ0E+WccztLpi2oJ4vE29ryzAFSWR8thHAi83p/XuiApZG2g9ZQWVRWGIYS17Ll3N p/brkh6QdZOph8RtgTd5oxDGSQMlvIYPFn3a85s8xh+Q88neyvF798Ysl783CVvjEOTd D9NkhNr6ygb+UiDEozd7qW6LeDABb9r7yvQt1vVdq3ffktv4s2633CUk0Q3jebMNrx+w XXcC1yZOSSxPr2GTmDWh/okjKBqYCz1JEt6FCBOHhC6yC2bF13VdJgGhhnd6QsD36cxc GtKg==
X-Gm-Message-State: AFeK/H2taDdfx+qX48xTsnAa8LE8Ce5gOng0sZZQq4MAx/t08YfcJvqsVKH3Pl+X1TGu+w==
X-Received: by 10.223.164.83 with SMTP id e19mr38537331wra.154.1491598294595; Fri, 07 Apr 2017 13:51:34 -0700 (PDT)
Received: from [192.168.2.7] ([46.7.75.128]) by smtp.googlemail.com with ESMTPSA id 186sm195142wml.2.2017.04.07.13.51.32 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 07 Apr 2017 13:51:32 -0700 (PDT)
To: Steve Hutchinson <sehutchinson@gmail.com>, John Bradley <ve7jtb@ve7jtb.com>
References: <149090694651.9027.6337833834024757190.idtracker@ietfa.amsl.com> <CAAX2Qa1OAoY0TOPX-19XgVrxq_63GN5obbh9VB_7851YXERfXA@mail.gmail.com> <CA+k3eCTZ=6vG=vpL2ZR3oDMG+LJBT8xMSoTsam8fR_0bbXf6OQ@mail.gmail.com> <d397fb25-8029-dd78-e10d-2dd0cd06f8d6@gmail.com> <CAANoGh+1zaGnE2JA2CUB_tpP_vp-xQTe4TR9GUfX41Ji89zOSw@mail.gmail.com> <bbef36bb-e080-a167-29ed-04fbab8c30f7@gmail.com> <CANG1RPnEEYg988Zz9hn=HGMJQxScgi93G8p3EzdNvGA=wh-4Uw@mail.gmail.com>
Cc: oauth <oauth@ietf.org>
From: Sergey Beryozkin <sberyozkin@gmail.com>
Message-ID: <ef575dec-ea3d-8439-c682-5f12b8113e75@gmail.com>
Date: Fri, 7 Apr 2017 21:51:17 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <CANG1RPnEEYg988Zz9hn=HGMJQxScgi93G8p3EzdNvGA=wh-4Uw@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/F34O_32HbvWd8FWZfccD3KLrDUY>
Subject: Re: [OAUTH-WG] Fwd: New Version Notification for draft-campbell-oauth-mtls-00.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Apr 2017 20:51:39 -0000

Hi All

I'm starting really believing now doing OAuth2 is as simple as spotting 
a difference between 'S' and 's' :-)

Thanks, Sergey
On 07/04/17 17:28, Steve Hutchinson wrote:
> Every time I think I couldn't be more impressed with the people who do
> actual standards work, someone raises the bar.
>
> Thanks Sergey!
>
> Hutch
>
>
> On Fri, Apr 7, 2017 at 10:42 AM Sergey Beryozkin <sberyozkin@gmail.com
> <mailto:sberyozkin@gmail.com>> wrote:
>
>     Hi John
>
>     I spotted it probably after the 10th iteration :-)
>
>     Cheers, Sergey
>     On 07/04/17 14:54, John Bradley wrote:
>     > It was a test to see who was really reading it:)
>     >
>     > On Fri, Apr 7, 2017 at 1:58 PM, Sergey Beryozkin
>     <sberyozkin@gmail.com <mailto:sberyozkin@gmail.com>
>     > <mailto:sberyozkin@gmail.com <mailto:sberyozkin@gmail.com>>> wrote:
>     >
>     >     Hi Brian
>     >
>     >     Thanks, a minor typo in the example,
>     >     "x5t#s256" as opposed to "x5t#S256"
>     >
>     >     (sorry if it was already reported, might've missed it)
>     >
>     >     Cheers, Sergey
>     >     On 30/03/17 22:15, Brian Campbell wrote:
>     >
>     >         This document, which I hope to present and discuss briefly at
>     >         tomorrow's
>     >         meeting, replaces (but keeps the feature) the Mutual TLS
>     >         Authentication
>     >         for OAuth Clients
>     >
>      <https://tools.ietf.org/html/draft-campbell-oauth-tls-client-auth-00
>     >
>      <https://tools.ietf.org/html/draft-campbell-oauth-tls-client-auth-00>>
>     >         that was published leading up to the Seoul meeting
>     >
>      <https://www.ietf.org/mail-archive/web/oauth/current/msg16704.html
>     >
>      <https://www.ietf.org/mail-archive/web/oauth/current/msg16704.html>>
>     >         and
>     >         adds mutual TLS sender constrained access to OAuth protected
>     >         resources.
>     >         The concept for the latter was largely derived from one of the
>     >         options
>     >         in the JPOP draft
>     >         <https://tools.ietf.org/html/draft-sakimura-oauth-jpop-04
>     >         <https://tools.ietf.org/html/draft-sakimura-oauth-jpop-04>>. I
>     >         apologize
>     >         for the 11th hour publication but hope some folks will have a
>     >         chance to
>     >         read it.
>     >
>     >         ---------- Forwarded message ----------
>     >         From: ** <internet-drafts@ietf.org
>     <mailto:internet-drafts@ietf.org>
>     >         <mailto:internet-drafts@ietf.org
>     <mailto:internet-drafts@ietf.org>>
>     >         <mailto:internet-drafts@ietf.org
>     <mailto:internet-drafts@ietf.org> <mailto:internet-drafts@ietf.org
>     <mailto:internet-drafts@ietf.org>>>>
>     >         Date: Thu, Mar 30, 2017 at 3:49 PM
>     >         Subject: New Version Notification for
>     >         draft-campbell-oauth-mtls-00.txt
>     >         To: Brian Campbell <brian.d.campbell@gmail.com
>     <mailto:brian.d.campbell@gmail.com>
>     >         <mailto:brian.d.campbell@gmail.com
>     <mailto:brian.d.campbell@gmail.com>>
>     >         <mailto:brian.d.campbell@gmail.com
>     <mailto:brian.d.campbell@gmail.com>
>     >         <mailto:brian.d.campbell@gmail.com
>     <mailto:brian.d.campbell@gmail.com>>>>, Nat Sakimura
>     >         <n-sakimura@nri.co.jp <mailto:n-sakimura@nri.co.jp>
>     <mailto:n-sakimura@nri.co.jp <mailto:n-sakimura@nri.co.jp>>
>     >         <mailto:n-sakimura@nri.co.jp <mailto:n-sakimura@nri.co.jp>
>     <mailto:n-sakimura@nri.co.jp <mailto:n-sakimura@nri.co.jp>>>>,
>     >         Torsten Lodderstedt
>     >         <torsten@lodderstedt.net <mailto:torsten@lodderstedt.net>
>     <mailto:torsten@lodderstedt.net <mailto:torsten@lodderstedt.net>>
>     >         <mailto:torsten@lodderstedt.net
>     <mailto:torsten@lodderstedt.net>
>     >         <mailto:torsten@lodderstedt.net
>     <mailto:torsten@lodderstedt.net>>>>, John Bradley
>     >         <ve7jtb@ve7jtb.com <mailto:ve7jtb@ve7jtb.com>
>     <mailto:ve7jtb@ve7jtb.com <mailto:ve7jtb@ve7jtb.com>>
>     >         <mailto:ve7jtb@ve7jtb.com <mailto:ve7jtb@ve7jtb.com>
>     <mailto:ve7jtb@ve7jtb.com <mailto:ve7jtb@ve7jtb.com>>>>
>     >
>     >
>     >
>     >         A new version of I-D, draft-campbell-oauth-mtls-00.txt
>     >         has been successfully submitted by Brian Campbell and
>     posted to the
>     >         IETF repository.
>     >
>     >         Name:           draft-campbell-oauth-mtls
>     >         Revision:       00
>     >         Title:          Mutual TLS Profiles for OAuth Clients
>     >         Document date:  2017-03-30
>     >         Group:          Individual Submission
>     >         Pages:          10
>     >         URL:
>     >
>      https://www.ietf.org/internet-drafts/draft-campbell-oauth-mtls-00.txt
>     >
>      <https://www.ietf.org/internet-drafts/draft-campbell-oauth-mtls-00.txt>
>     >
>      <https://www.ietf.org/internet-drafts/draft-campbell-oauth-mtls-00.txt
>     >
>      <https://www.ietf.org/internet-drafts/draft-campbell-oauth-mtls-00.txt>>
>     >         Status:
>     >          https://datatracker.ietf.org/doc/draft-campbell-oauth-mtls/
>     >         <https://datatracker.ietf.org/doc/draft-campbell-oauth-mtls/>
>     >         <https://datatracker.ietf.org/doc/draft-campbell-oauth-mtls/
>     >         <https://datatracker.ietf.org/doc/draft-campbell-oauth-mtls/>>
>     >         Htmlized:
>     >          https://tools.ietf.org/html/draft-campbell-oauth-mtls-00
>     >         <https://tools.ietf.org/html/draft-campbell-oauth-mtls-00>
>     >         <https://tools.ietf.org/html/draft-campbell-oauth-mtls-00
>     >         <https://tools.ietf.org/html/draft-campbell-oauth-mtls-00>>
>     >         Htmlized:
>     >
>     https://datatracker.ietf.org/doc/html/draft-campbell-oauth-mtls-00
>     >
>      <https://datatracker.ietf.org/doc/html/draft-campbell-oauth-mtls-00>
>     >
>      <https://datatracker.ietf.org/doc/html/draft-campbell-oauth-mtls-00
>     >
>      <https://datatracker.ietf.org/doc/html/draft-campbell-oauth-mtls-00>>
>     >
>     >
>     >         Abstract:
>     >            This document describes Transport Layer Security (TLS)
>     mutual
>     >            authentication using X.509 certificates as a mechanism for
>     >         both OAuth
>     >            client authentication to the token endpoint as well as
>     for sender
>     >            constrained access to OAuth protected resources.
>     >
>     >
>     >
>     >
>     >         Please note that it may take a couple of minutes from the time
>     >         of submission
>     >         until the htmlized version and diff are available at
>     >         tools.ietf.org <http://tools.ietf.org> <http://tools.ietf.org>
>     >         <http://tools.ietf.org>.
>     >
>     >         The IETF Secretariat
>     >
>     >
>     >
>     >
>     >
>     >         _______________________________________________
>     >         OAuth mailing list
>     >         OAuth@ietf.org <mailto:OAuth@ietf.org>
>     <mailto:OAuth@ietf.org <mailto:OAuth@ietf.org>>
>     >         https://www.ietf.org/mailman/listinfo/oauth
>     >         <https://www.ietf.org/mailman/listinfo/oauth>
>     >
>     >
>     >     _______________________________________________
>     >     OAuth mailing list
>     >     OAuth@ietf.org <mailto:OAuth@ietf.org> <mailto:OAuth@ietf.org
>     <mailto:OAuth@ietf.org>>
>     >     https://www.ietf.org/mailman/listinfo/oauth
>     >     <https://www.ietf.org/mailman/listinfo/oauth>
>     >
>     >
>
>     _______________________________________________
>     OAuth mailing list
>     OAuth@ietf.org <mailto:OAuth@ietf.org>
>     https://www.ietf.org/mailman/listinfo/oauth
>