[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Repository Activity Summary Bot <do_not_reply@mnot.net> Sun, 18 August 2024 07:40 UTC

Return-Path: <do_not_reply@mnot.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5D9AC151527 for <oauth@ietfa.amsl.com>; Sun, 18 Aug 2024 00:40:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.706
X-Spam-Level:
X-Spam-Status: No, score=-1.706 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=mnot.net header.b="IPnj/FM+"; dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=messagingengine.com header.b="f7OOhPyV"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OMLtGW2CPp0j for <oauth@ietfa.amsl.com>; Sun, 18 Aug 2024 00:40:03 -0700 (PDT)
Received: from fout3-smtp.messagingengine.com (fout3-smtp.messagingengine.com [103.168.172.146]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32B68C151076 for <oauth@ietf.org>; Sun, 18 Aug 2024 00:40:03 -0700 (PDT)
Received: from phl-compute-03.internal (phl-compute-03.nyi.internal [10.202.2.43]) by mailfout.nyi.internal (Postfix) with ESMTP id 8858B1390064 for <oauth@ietf.org>; Sun, 18 Aug 2024 03:40:02 -0400 (EDT)
Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-03.internal (MEProxy); Sun, 18 Aug 2024 03:40:02 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :content-type:content-type:date:from:from:in-reply-to :mime-version:reply-to:subject:subject:to:to; s=fm1; t= 1723966802; x=1724053202; bh=SUZKUf8JOIrTr5I4v6ue02CIpw+Mu7sfsDd JCEyqAqU=; b=IPnj/FM+ZT1210fux+kLmu0SPKMxMdrc35Rc5T3Q0Q/nOVl5dGq 16noN8tvbUfeVCuKeLsE55sT4Hc5hJBS6xXK+JlLz6Cbcpum06PHwE+qZ7KEoIUQ r7auS/uHQrWK2dP6txNOvtqcI5Vqm1BCHy+E5LD3hfPjEI/4MaUc7SNm3kJS8HgT uRuGB2GJfLGajf3k58Ppw+Ed9+M59l9BZtIw5oZ0OANOTkCc82K9/qllH9vRRTc4 auz306eF8hYs0qDtp78BdAXF4i3xFqKI/i21Vp9+wDJGwXs8W6auo5uF9hkxe+NE d1P3HVtlLrSav+w15tCt3qKUR70VZ8SsyUw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date :feedback-id:feedback-id:from:from:in-reply-to:mime-version :reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1723966802; x= 1724053202; bh=SUZKUf8JOIrTr5I4v6ue02CIpw+Mu7sfsDdJCEyqAqU=; b=f 7OOhPyV3XuKbXniEa7c+OP8f7/4rNLGsEA/ghG6OMhp/oylqENG8ddWLOCVjdfKW etlSIhSfvdcf40w2gHMO1rnymS0V8DuLe1Z+6+1Taz1mHqfCReiZvgcV9mRLsC57 cSA2ZCUuZaCfWTO7FWF8x6/ZZoB+5P2rMxAdVOkIQAi09V3+n6s/P5q/JZgHK1PL tx2GZfulFH+vX3QDh5Uwp0/aKxWtwUiHsi0TfIaTLCPhYMnYQKDXvDZpe3zDNQ4r eYzLUJAID1O/UJ3+86g9gChM3itMty3H6v9O7ObpI+vLhMaDRqXV5t8lATksDhCS 7s8JynhH11JJctMNPdkBQ==
X-ME-Sender: <xms:UqXBZqdPtCXSeqpOja19maR02iQ8NYAzF_VnHne_o62ydLuttWOMBg> <xme:UqXBZkMQQJWjPdvBz2XUMxzuTBiY2qkf3lCWbNKoj1ZBG8AuIggGL9OdaLXzVUX1F -OQXLZ28sRxqR8pJg>
X-ME-Received: <xmr:UqXBZrh2ByqjEHPDtX60WI6gW8Q5ZObwzEF25RPkpo9-6rEuR2dUhrYFt7-drriR_6Tnlg1wepvimSs1JAD4Q_uufD9xuC5EHs4gq2ahmSW1HYUF3qD0aN_j7cZ57O0Qinwl>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrudduuddguddvvdcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdp uffrtefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecupfhoucgurghtvgcufh hivghlugculdegledmnecujfgurheptggghffvufesrgdttdertddtjeenucfhrhhomhep tfgvphhoshhithhorhihucettghtihhvihhthicuufhumhhmrghrhicuuehothcuoeguoh gpnhhothgprhgvphhlhiesmhhnohhtrdhnvghtqeenucggtffrrghtthgvrhhnpeekfedv udetjedvfeekheeiveeugfefhfetteevgeffkefffeetffdvleehudeiteenucffohhmrg hinhepghhithhhuhgsrdgtohhmnecuvehluhhsthgvrhfuihiivgepfeenucfrrghrrghm pehmrghilhhfrhhomhepughopghnohhtpghrvghplhihsehmnhhothdrnhgvthdpnhgspg hrtghpthhtohepuddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepohgruhhthhes ihgvthhfrdhorhhg
X-ME-Proxy: <xmx:UqXBZn9IWuBVaFlk3OpPWBgbR9cwYJ502hJxQn7P6QcBaCbkZh-VHQ> <xmx:UqXBZmu86taRBvtQLtESCb_DuoW9OSAccLmoWpvcwipCwh1u-mompg> <xmx:UqXBZuH3xGTXgga7Lb3usRaBTegBRiEYnxPdrdv_Q0HFgQqAn4MhLA> <xmx:UqXBZlNCm_KIacs6I1E-SZIsH9sHgFXpi1LrZ969R8mdOkWMDeO7wA> <xmx:UqXBZv7LiuzuUtWhArwWslfk_YMIpJnYt-PI7uaSI7oGyCF-SnaEFx8a>
Feedback-ID: i1c3946f2:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <oauth@ietf.org>; Sun, 18 Aug 2024 03:40:02 -0400 (EDT)
Content-Type: multipart/alternative; boundary="===============7001517345069457470=="
MIME-Version: 1.0
From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: oauth@ietf.org
Message-Id: <20240818074003.32B68C151076@ietfa.amsl.com>
Date: Sun, 18 Aug 2024 00:40:03 -0700
Message-ID-Hash: WYC7J5TLRUBCIWXYUGFHNRUO2GCIP6CG
X-Message-ID-Hash: WYC7J5TLRUBCIWXYUGFHNRUO2GCIP6CG
X-MailFrom: do_not_reply@mnot.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [OAUTH-WG] Weekly github digest (OAuth Activity Summary)
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/MKaS_J_bbCq6biGVZVGp26hNpQ4>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>



Events without label "editorial"

Issues
------
* oauth-wg/oauth-sd-jwt-vc (+0/-0/šŸ’¬4)
  4 issues received 4 new comments:
  - #250 Drop all references to DIDs and DID resolution (1 by leifj)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/250 
  - #243 use SD-JWT+KB in place of SD-JWT with a Key Binding JWT (1 by bc-pi)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/243 
  - #212 Embedded Issuer Policies (1 by bc-pi)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/212 [pending close] 
  - #145 how cnf claim can be used with any other types of "binding" (1 by danielfett)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/145 [discuss] 

* oauth-wg/draft-ietf-oauth-status-list (+1/-3/šŸ’¬8)
  1 issues created:
  - Remove requirement on matching iss values (by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/159 

  7 issues received 8 new comments:
  - #158 Explain Status List Provider and other roles in the introduction (1 by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/158 
  - #62 Privacy requirement - how to provide and demonstrate the consent given to the RP to allow it to check the revocation status (1 by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/62 
  - #47 requirement for status list size (1 by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/47 
  - #46 Mandatory signature algorithms? (1 by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/46 
  - #38 Mixing JSON and CBOR formats (1 by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/38 
  - #26 rename "referenced token"  (2 by david-bakker, paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/26 
  - #10 Ownership of the status endpoint and third party status list providers use case (1 by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/10 

  3 issues closed:
  - Mandatory signature algorithms? https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/46 
  - Rename claim names of Referenced Token https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/40 
  - Ownership of the status endpoint and third party status list providers use case https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/10 



Pull requests
-------------
* oauth-wg/oauth-transaction-tokens (+0/-0/šŸ’¬1)
  1 pull requests received 1 new comments:
  - #122 added unsigned json subject token type (1 by tulshi)
    https://github.com/oauth-wg/oauth-transaction-tokens/pull/122 

* oauth-wg/draft-ietf-oauth-resource-metadata (+1/-1/šŸ’¬0)
  1 pull requests submitted:
  - Apply Deb Cooley's review feedback (by selfissued)
    https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/pull/47 

  1 pull requests merged:
  - Apply Deb Cooley's review feedback
    https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/pull/47 

* oauth-wg/oauth-selective-disclosure-jwt (+2/-3/šŸ’¬7)
  2 pull requests submitted:
  - a new PR to note PR #452 in document history (by bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/453 
  - tightening the exposition (by Sakurann)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/452 

  4 pull requests received 7 new comments:
  - #452 tightening the exposition (3 by Sakurann, bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/452 
  - #451 attempt to better frame the risks and difficulties around Issuer/Verifier unlinkability (2 by Sakurann, bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/451 
  - #450 Add Martin to acknowledgments (1 by bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/450 
  - #448 Strengthen privacy considerations (1 by bc-pi)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/448 

  3 pull requests merged:
  - attempt to better frame the risks and difficulties around Issuer/Verifier unlinkability
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/451 
  - tightening the exposition
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/452 
  - Add Martin to acknowledgments
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/450 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1
* https://github.com/oauth-wg/draft-ietf-oauth-status-list
* https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth