[OAUTH-WG] Re: Token Status List Shepherd Write-up - Implementations
Paul Bastian <paul.bastian@posteo.de> Tue, 10 June 2025 08:38 UTC
Return-Path: <paul.bastian@posteo.de>
X-Original-To: oauth@mail2.ietf.org
Delivered-To: oauth@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id EDC4B3310176 for <oauth@mail2.ietf.org>; Tue, 10 Jun 2025 01:38:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -4.395
X-Spam-Level:
X-Spam-Status: No, score=-4.395 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=posteo.de
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oeuyPxeQ4v9h for <oauth@mail2.ietf.org>; Tue, 10 Jun 2025 01:38:58 -0700 (PDT)
Received: from mout02.posteo.de (mout02.posteo.de [185.67.36.66]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id AACB0331016F for <oauth@ietf.org>; Tue, 10 Jun 2025 01:38:57 -0700 (PDT)
Received: from submission (posteo.de [185.67.36.169]) by mout02.posteo.de (Postfix) with ESMTPS id 43862240101 for <oauth@ietf.org>; Tue, 10 Jun 2025 10:38:55 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=posteo.de; s=2017; t=1749544735; bh=94rR2cIX/dUWL1kAoNHMUg6HF4G33cLpUWdSxP0bhv0=; h=Content-Type:Message-ID:Date:MIME-Version:Subject:To:From:From; b=fso0Z4PzMyQodxBo8mXVwhtAVZhxZ7VSXcy+H2dzBtV47RHQTedeFezFG1U0KXTc0 LfXmG2/LnDEaTYFFHdjgDLoj33jBKoErXTHAXTcJyLsVGdW2cZKD8RNY0Gldy32iZc asXfAY6vaF86EsBug0K4OSbuTT7MuJzRbcJD1lL+MhRJzYxISm0+E4y/Udd0ZbcrIC 7iAYFHs7Fs2HtiqS/6ztBIYoWThSZ9AtvjsKFaWUerMYZBjZT0j+ShLLsEwLBFIt9h TOj/Nt5mB/asfM5OskDPWI/a2pdJaB+s01gWDuasiaMGkj1rgE4otsCwuB3kEtXylx HnjU2Xfw0Rc3g==
Received: from customer (localhost [127.0.0.1]) by submission (posteo.de) with ESMTPSA id 4bGhz25ymHz6twM for <oauth@ietf.org>; Tue, 10 Jun 2025 10:38:54 +0200 (CEST)
Content-Type: multipart/alternative; boundary="------------CdpjIWwmwS0IuzQZlmjCQIBp"
Message-ID: <7cb6f9f3-2275-4255-902c-27db201331f2@posteo.de>
Date: Tue, 10 Jun 2025 08:38:53 +0000
MIME-Version: 1.0
To: oauth@ietf.org
References: <174887501454.25371.12592136904157247695@mail2.ietf.org> <CA+baiBhSmV1+6Qj5PQJLOP12LaTSPwZ0noVHTtF7=4DjWe1+EQ@mail.gmail.com>
Content-Language: en-US
From: Paul Bastian <paul.bastian@posteo.de>
In-Reply-To: <CA+baiBhSmV1+6Qj5PQJLOP12LaTSPwZ0noVHTtF7=4DjWe1+EQ@mail.gmail.com>
Message-ID-Hash: YBFCGS5VHGVCPQDKQXVT2TVSZXHGKQGG
X-Message-ID-Hash: YBFCGS5VHGVCPQDKQXVT2TVSZXHGKQGG
X-MailFrom: paul.bastian@posteo.de
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [OAUTH-WG] Re: Token Status List Shepherd Write-up - Implementations
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/MwgjzNpxkHxFAW-cSSAv_Y47WD4>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>
Hi, Bundesdruckerei implemented Status List for the German EUDI Wallet Challenge "FUNKE", so did several other of the Wallet participants. Best, Paul On 6/2/25 17:13, Michael Schwartz wrote: > Christian, > > We implemented Session Status List in Janssen Auth Server: > https://docs.jans.io/head/janssen-server/auth-server/endpoints/session-status-list/ > > > Also, we have a PR for Status List token validation in the Cedarling > PDP which is almost done: > https://github.com/JanssenProject/jans/pull/11520 > > - Mike > > -------------------------------------- > Michael Schwartz > Gluu > Founder/CEO > mike@gluu.org > https://www.linkedin.com/in/nynymike > > On Mon, Jun 2, 2025 at 9:37 AM <oauth-request@ietf.org> wrote: > > Send OAuth mailing list submissions to > oauth@ietf.org > > To subscribe or unsubscribe via email, send a message with subject or > body 'help' to > oauth-request@ietf.org > > You can reach the person managing the list at > oauth-owner@ietf.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of OAuth digest..." > > Today's Topics: > > 1. Re: Token Status List Shepherd Write-up - Implementations > (Christian Bormann) > 2. Re: OAuth 2.1 Draft version 12 expired 19.05.2025 > (Antic Kristian (C/CYG-GE)) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Mon, 2 Jun 2025 15:02:18 +0200 > From: Christian Bormann <chris.bormann@gmx.de> > Subject: [OAUTH-WG] Re: Token Status List Shepherd Write-up - > Implementations > To: Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> > Cc: oauth <oauth@ietf.org> > Message-ID: <52AFA656-490E-4A1E-A90B-1481AD07D9A7@gmx.de> > Content-Type: multipart/alternative; > boundary="Apple-Mail=_814837D8-8D6F-44E8-9B9B-0B27BDC45877" > > Hi Rifaat, > > We have a small list of open source implementations that we are > aware of and which agreed to being added to our repository: > https://github.com/oauth-wg/draft-ietf-oauth-status-list?tab=readme-ov-file#implementations-open-source > > Regards, > Christian > > > On 1. Jun 2025, at 14:04, Rifaat Shekh-Yusef > <rifaat.s.ietf@gmail.com> wrote: > > > > All, > > > > As part of the shepherd write-up for the Token Status List > document, > > we are looking for information about implementations of this draft. > > > > https://datatracker.ietf.org/doc/draft-ietf-oauth-status-list/ > > > > Please, reply to this email, on the mailing list, with any > implementations that you are aware of to support this document. > > > > Regards, > > Rifaat > > _______________________________________________ > > OAuth mailing list -- oauth@ietf.org > > To unsubscribe send an email to oauth-leave@ietf.org > > -------------- next part -------------- > A message part incompatible with plain text digests has been > removed ... > Name: not available > Type: text/html > Size: 1492 bytes > Desc: not available > > ------------------------------ > > Message: 2 > Date: Mon, 2 Jun 2025 14:36:48 +0000 > From: "Antic Kristian (C/CYG-GE)" <Kristian.Antic@de.bosch.com> > Subject: [OAUTH-WG] Re: OAuth 2.1 Draft version 12 expired 19.05.2025 > To: Aaron Parecki <aaron=40parecki.com@dmarc.ietf.org>, Rifaat > Shekh-Yusef <rifaat.s.ietf@gmail.com> > Cc: "oauth@ietf.org" <oauth@ietf.org> > Message-ID: <DB9PR10MB80762ECF2748CA29098F2569A162A@DB9PR10MB8076.EUR > PRD10.PROD.OUTLOOK.COM <http://PRD10.PROD.OUTLOOK.COM>> > Content-Type: multipart/alternative; boundary="_000_DB9PR10MB80762E > CF2748CA29098F2569A162ADB9PR10MB8076EURP_" > > Hi, > > thank you both for your quick reply and Aaron for the updated > draft version > (https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-13) > > Mit freundlichen Grüßen / Best regards > > Kristian Antic > > Cyber Security - Governance Enterprise IT (C/CYG-GE) > Robert Bosch GmbH | Postfach 30 02 20 | 70442 Stuttgart | GERMANY > | www.bosch.com <http://www.bosch.com><http://www.bosch.com/> > Kristian.Antic@de.bosch.com<mailto:Kristian.Antic@de.bosch.com> > > Sitz: Stuttgart, Registergericht: Amtsgericht Stuttgart, HRB 14000; > Aufsichtsratsvorsitzender: Prof. Dr. Stefan Asenkerschbaumer; > Geschäftsführung: Dr. Stefan Hartung, Dr. Christian Fischer, Dr. > Markus Forschner, > Stefan Grosch, Dr. Markus Heyn, Dr. Frank Meyer, Katja von Raven, > Dr. Tanja Rückert > > From: Aaron Parecki <aaron=40parecki.com@dmarc.ietf.org> > Sent: Wednesday, May 28, 2025 4:07 PM > To: Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> > Cc: Antic Kristian (C/CYG-GE) <Kristian.Antic@de.bosch.com>; > oauth@ietf.org > Subject: Re: [OAUTH-WG] Re: OAuth 2.1 Draft version 12 expired > 19.05.2025 > > I've been working on related documents, mainly the OAuth for > Browser Apps BCP, and haven't come back around to this one in a while. > > I just published an update that fixes some references including > updating the Security BCP references to RFC 9700, so it shows as > an active draft again. > > Aaron > > > On Fri, May 23, 2025 at 4:09 AM Rifaat Shekh-Yusef > <rifaat.s.ietf@gmail.com<mailto:rifaat.s.ietf@gmail.com>> wrote: > Hi Kristian, > > No, this does not mean that the document is near finalization. > This just means that the authors did not have a chance to work on > the document. > > Regards, > Rifaat > > > > On Fri, May 23, 2025 at 5:02 AM Antic Kristian (C/CYG-GE) > <Kristian.Antic=40de.bosch.com@dmarc.ietf.org<mailto:40de.bosch.com@dmarc.ietf.org>> > wrote: > Dear OAuth Working Group, > > I have noticed that the latest draft > (draft-ietf-oauth-v2-1-12<https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-12>) > for OAuth 2.1 has expired on May 19, 2024. > I would like to inquire whether this indicates that the > specification is nearing finalization, or if work is underway on a > new draft version. > Thank you for your time and clarification. > > Mit freundlichen Grüßen / Best regards > > Kristian Antic > > Cyber Security - Governance Enterprise IT (C/CYG-GE) > Robert Bosch GmbH | Postfach 30 02 20 | 70442 Stuttgart | GERMANY > | www.bosch.com <http://www.bosch.com><http://www.bosch.com/> > Kristian.Antic@de.bosch.com<mailto:Kristian.Antic@de.bosch.com> > > Sitz: Stuttgart, Registergericht: Amtsgericht Stuttgart, HRB 14000; > Aufsichtsratsvorsitzender: Prof. Dr. Stefan Asenkerschbaumer; > Geschäftsführung: Dr. Stefan Hartung, Dr. Christian Fischer, Dr. > Markus Forschner, > Stefan Grosch, Dr. Markus Heyn, Dr. Frank Meyer, Katja von Raven, > Dr. Tanja Rückert > > _______________________________________________ > OAuth mailing list -- oauth@ietf.org<mailto:oauth@ietf.org> > To unsubscribe send an email to > oauth-leave@ietf.org<mailto:oauth-leave@ietf.org> > _______________________________________________ > OAuth mailing list -- oauth@ietf.org<mailto:oauth@ietf.org> > To unsubscribe send an email to > oauth-leave@ietf.org<mailto:oauth-leave@ietf.org> > -------------- next part -------------- > A message part incompatible with plain text digests has been > removed ... > Name: not available > Type: text/html > Size: 9718 bytes > Desc: not available > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > OAuth mailing list -- oauth@ietf.org > To unsubscribe send an email to oauth-leave@ietf.org > > > ------------------------------ > > End of OAuth Digest, Vol 200, Issue 2 > ************************************* > > > > ------------------------------------------------------------------------ > *CONFIDENTIALITY NOTICE* > This message may contain confidential or legally privileged information. > If you are not the intended recipient, please immediately advise the > sender by reply e-mail that you received this message, and delete this > e-mail from your system. > Thank you for your cooperation > > _______________________________________________ > OAuth mailing list --oauth@ietf.org > To unsubscribe send an email tooauth-leave@ietf.org
- [OAUTH-WG] Token Status List Shepherd Write-up - … Rifaat Shekh-Yusef
- [OAUTH-WG] Re: Token Status List Shepherd Write-u… Michael Schwartz
- [OAUTH-WG] Re: Token Status List Shepherd Write-u… Christian Bormann
- [OAUTH-WG] Re: Token Status List Shepherd Write-u… Paul Bastian
- [OAUTH-WG] Re: Token Status List Shepherd Write-u… Rifaat Shekh-Yusef