Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1])
 by ietfa.amsl.com (Postfix) with ESMTP id 53CF51A1BA3
 for <oauth@ietfa.amsl.com>; Thu, 19 Feb 2015 00:40:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level: 
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5
 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001,
 SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44])
 by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 8FlqjIOv-6pR for <oauth@ietfa.amsl.com>;
 Thu, 19 Feb 2015 00:40:38 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.21])
 (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ietfa.amsl.com (Postfix) with ESMTPS id 2DF041A1B76
 for <oauth@ietf.org>; Thu, 19 Feb 2015 00:40:38 -0800 (PST)
Received: from [192.168.131.130] ([80.92.119.127]) by mail.gmx.com (mrgmx103)
 with ESMTPSA (Nemesis) id 0LpbfG-1Xstzp2ye6-00fRT0;
 Thu, 19 Feb 2015 09:40:35 +0100
Message-ID: <54E5A0EE.70309@gmx.net>
Date: Thu, 19 Feb 2015 09:38:06 +0100
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: Security Developer <security.developer22@gmail.com>, oauth@ietf.org, 
 ve7jtb@ve7jtb.com
References: <CAD-drXsWwk_-SH9wsVW7spNWmTzGjja-uhEk8ZYWBZc7Xw7bcw@mail.gmail.com>
In-Reply-To: <CAD-drXsWwk_-SH9wsVW7spNWmTzGjja-uhEk8ZYWBZc7Xw7bcw@mail.gmail.com>
OpenPGP: id=4D776BC9
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature";
 boundary="NMROj0iRkM75MwfHJ1DkJaaCfusdlL93f"
X-Provags-ID: V03:K0:JkYOPmnBaUv9jTUZbb7aMqFQppuj41bGyByR6WyeYvVmswvRxic
 /8a/9Hg0wQCU2mzalF3XYETkx4Pw8GwZ2wdsrFohIl2hbqMPqxIYMxDn83SZhiclJxuLuyl
 J8EviisDiCovx9UCe+qTXivy9l4JshDd3kG5GTFae3u/xeLpHIb/+4rcEyK/rPfLvibY9W2
 KIPHaNFq4w1LSXvm0O7Jw==
X-UI-Out-Filterresults: notjunk:1;
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/GvO0Cm4Q1duO0WJrbMo5HxAzA_o>
Subject: Re: [OAUTH-WG] OAuth POP query
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>,
 <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>,
 <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Feb 2015 08:40:40 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--NMROj0iRkM75MwfHJ1DkJaaCfusdlL93f
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

Sorry for the late reply.

For the PoP architecture document we initiated the WGLC last year and a
new document has to be submitted to address those comments. I believe
then it is ready for the IESG.

The WGLC for the draft-ietf-oauth-proof-of-possession-00 should be
started next. Maybe already this week since we are doing OK with some of
our other documents.

The weakest part of the story at the moment is the
draft-ietf-oauth-signed-http-request-00 document. For this we obviously
need input from the group.

On 02/14/2015 12:40 PM, Security Developer wrote:
> Hi,
>=20
> I have a couple of questions.
>=20
> 1- What is the status of these documents as I am interested in
> implementing POP
>=20
> draft-ietf-oauth-pop-architecture-00.pdf
> draft-ietf-oauth-pop-key-distribution-00.pdf
> draft-ietf-oauth-proof-of-possession-00.pdf
> draft-ietf-oauth-signed-http-request-00.pdf
>=20
> 2- Should Authorization server restrict the number of authorization
> codes issued to a single user after successful authentication and
> authorization in OAuth? also What is the good practice in this case?
>=20
> Thanks for your time.
>=20
>=20
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>=20


--NMROj0iRkM75MwfHJ1DkJaaCfusdlL93f
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: GPGTools - http://gpgtools.org

iQEcBAEBCgAGBQJU5aDuAAoJEGhJURNOOiAtcBQIAKBCClDghZGFMkoomIxyWeAR
UtnL57JnAfcWEdo2sDYNaBUCsqLWAonpLBqVcyfnVyewU3ETGntYY8DtQpoWPzM5
hMrH9mKi1pFpvBAgFxnDZYwRuVqmxM9f/4UkI+54KuuOmfCE7HFrUW9q5cPdoR1M
n+P45Hfd/cW8X5THoQS0L0ZCGzMZfP2hFYdWzn6JDzA/D764NgXXEYwC5DKUsTxJ
lpiGlrvxY4+XBEuOITLfGxdfA8NvzNz0jtIsAVCAOxiu/Ao7dpHcMkSUQwDo5+va
tSThfwt0Z/RnIoIQFf2UrT+t8eM8lDSVa9fMiXnafLTc9xOH9LYI07U4+XAzBmE=
=bjfp
-----END PGP SIGNATURE-----

--NMROj0iRkM75MwfHJ1DkJaaCfusdlL93f--