[OAUTH-WG] Weekly github digest (OAuth Activity Summary)
Repository Activity Summary Bot <do_not_reply@mnot.net> Sun, 28 July 2024 07:56 UTC
Return-Path: <do_not_reply@mnot.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 69728C14F69E for <oauth@ietfa.amsl.com>; Sun, 28 Jul 2024 00:56:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.707
X-Spam-Level:
X-Spam-Status: No, score=-1.707 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=mnot.net header.b="Mj/xbpE3"; dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=messagingengine.com header.b="bphRw+lw"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VXj47X-SSdgd for <oauth@ietfa.amsl.com>; Sun, 28 Jul 2024 00:56:12 -0700 (PDT)
Received: from fout8-smtp.messagingengine.com (fout8-smtp.messagingengine.com [103.168.172.151]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EEABFC14F713 for <oauth@ietf.org>; Sun, 28 Jul 2024 00:56:11 -0700 (PDT)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailfout.nyi.internal (Postfix) with ESMTP id B8A9F1380637 for <oauth@ietf.org>; Sun, 28 Jul 2024 03:39:21 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute5.internal (MEProxy); Sun, 28 Jul 2024 03:39:21 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :content-type:content-type:date:from:from:in-reply-to :mime-version:reply-to:subject:subject:to:to; s=fm1; t= 1722152361; x=1722238761; bh=j0MPxLj6wLrxDD6aw0O0BGWi1qW4l0BEKoj GaoFrqBE=; b=Mj/xbpE3ZTiC2KVGkkZbWhDzAkoq/PQYYaoMqyAfeT8VDqS8D6q YhCcU9JMfsUnfkZQHSXz1VWsDE7RwyreqH6rWSZ84JJO9bB6VtCrYoYUp1/+rpPK WRv669X6LkJbzcNYvi6ZQrt6O1+Q3drbE6JXneGd4Y1V5ObYoEIGX5norW1M0HiK vg8wzybpx7/V4w9n+p7I8g/bEqwyYnmlU8q98fkXAYvW2LBZ6C9830ivkNBHYQqJ haSdTLhzXkzhcaY4YEFyCW56qYgns+8nqDY4ptaR2Blw0soV0E5x+sdfvUIs3P64 r24tScPMJjWnNsD9VaW6oTAROl9yqW8wPPA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date :feedback-id:feedback-id:from:from:in-reply-to:mime-version :reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1722152361; x= 1722238761; bh=j0MPxLj6wLrxDD6aw0O0BGWi1qW4l0BEKojGaoFrqBE=; b=b phRw+lwE0jWdcTht/A57XR76O0/HOx9uvCZveUI4gTvjIlTggHhM9A3NS15lIKcJ IdcAdRiiLE01hvVE61G1BLlo7Bdn7206ub+IocGdyQ2AqdFotFD++/4iyTp/mPaG UxdhXMDoGs8IAD2AwXonJnaEXXNqMrUZYY19LbwDff2Gc0h7SBOsLj3f7Uud2GyH N/ZL3p2l1T0Wn1w1Fm7ECWwXt4Mo/ANqQt/Kw+gP6/WxKqX14XQXnLnWF4xz8Amr B33zdiCSNhbkLrrlgYz+zBcCGZsHLQCnTiNJppRna7is0C8cko7u6ni+MxiMOvgZ 26gvXdR1lCzdasuiodLjg==
X-ME-Sender: <xms:qfWlZin6HFwT7N70wd8CGsDkdTHtIxoWvdeN4hEQD6-4eJQGaTKdMg> <xme:qfWlZp112bR6iyX4ZZu_8EcyNq6bv9YVYqAhUqq15fVWCKmpZ3C2SNumNXwRiXKGY CabbzgBMbd0ww8spA>
X-ME-Received: <xmr:qfWlZgp6XupKziBLSd3ADR1IAhPTXWCI5xFbQAiS8uiiauyq1wckLBxXs6eQF0Rk2a5rzYYbhGwNL8SBR9aeihw6Tt4SL07LFz9MROm9niLF2GtfFZe6t0u4_1Zk5Ukg3A>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrieelgddulecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecupfhoucgurghtvgcufhhivghlugculdegledmnecujf gurheptggghffvufesrgdttdertddtjeenucfhrhhomheptfgvphhoshhithhorhihucet tghtihhvihhthicuufhumhhmrghrhicuuehothcuoeguohgpnhhothgprhgvphhlhiesmh hnohhtrdhnvghtqeenucggtffrrghtthgvrhhnpeekfedvudetjedvfeekheeiveeugfef hfetteevgeffkefffeetffdvleehudeiteenucffohhmrghinhepghhithhhuhgsrdgtoh hmnecuvehluhhsthgvrhfuihiivgepudenucfrrghrrghmpehmrghilhhfrhhomhepugho pghnohhtpghrvghplhihsehmnhhothdrnhgvthdpnhgspghrtghpthhtoheptd
X-ME-Proxy: <xmx:qfWlZmle-h25X3pzJM5LQZOkbhO7AQt-cXX-UsIDMZu_jBZa1JRKmA> <xmx:qfWlZg1NfAfObzekmVuU6D67IYHp05PDR2ByQSPzk5_3p_DDxpVo3A> <xmx:qfWlZtsYCayZNydAblbTZi5vTv4XeSFzvydAwCGtqS5_y_wpcT1cYQ> <xmx:qfWlZsXotbJjCWjx4-JhzXPAy9y5laCLy0p-v6Z74TJVO4mlGW_1hA> <xmx:qfWlZuAOjR2CXT7ptDw9O1hwK60HM9poAFYMfDsG35yPcs3JpTGlPomM>
Feedback-ID: i1c3946f2:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <oauth@ietf.org>; Sun, 28 Jul 2024 03:39:21 -0400 (EDT)
Content-Type: multipart/alternative; boundary="===============5442276381987888428=="
MIME-Version: 1.0
From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: oauth@ietf.org
Message-Id: <20240728075611.EEABFC14F713@ietfa.amsl.com>
Date: Sun, 28 Jul 2024 00:56:11 -0700
Message-ID-Hash: 5T2SYNSLQLNBNBCNRXXPZZDA3F7YQDRI
X-Message-ID-Hash: 5T2SYNSLQLNBNBCNRXXPZZDA3F7YQDRI
X-MailFrom: do_not_reply@mnot.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [OAUTH-WG] Weekly github digest (OAuth Activity Summary)
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/NzZiIArDhechvbUG0W7DgEQwnZI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>
Events without label "editorial" Issues ------ * oauth-wg/oauth-transaction-tokens (+9/-1/š¬16) 9 issues created: - `subject_token` description needs to be more flexible (by tulshi) https://github.com/oauth-wg/oauth-transaction-tokens/issues/121 - The "N_A" value for the "txn" claim can complicate processing (by tulshi) https://github.com/oauth-wg/oauth-transaction-tokens/issues/120 - Azd claim name conflict with RAR (by tulshi) https://github.com/oauth-wg/oauth-transaction-tokens/issues/119 - RAR object inside a TraT (by tulshi) https://github.com/oauth-wg/oauth-transaction-tokens/issues/118 - IANA registration procedures (by tulshi) https://github.com/oauth-wg/oauth-transaction-tokens/issues/117 - Audience, scope & purpose (by arndt-s) https://github.com/oauth-wg/oauth-transaction-tokens/issues/115 - Seconds vs. milliseconds in the example (by dteleguin) https://github.com/oauth-wg/oauth-transaction-tokens/issues/114 - subject_token_type for Replacement Txn-Token Request (by dteleguin) https://github.com/oauth-wg/oauth-transaction-tokens/issues/113 - please add document history to the draft (by Sakurann) https://github.com/oauth-wg/oauth-transaction-tokens/issues/112 9 issues received 16 new comments: - #120 The "N_A" value for the "txn" claim can complicate processing (1 by tulshi) https://github.com/oauth-wg/oauth-transaction-tokens/issues/120 - #119 Azd claim name conflict with RAR (2 by jricher, tulshi) https://github.com/oauth-wg/oauth-transaction-tokens/issues/119 - #118 RAR object inside a TraT (2 by gffletch, jricher) https://github.com/oauth-wg/oauth-transaction-tokens/issues/118 - #115 Audience, scope & purpose (4 by arndt-s, gffletch, obfuscoder) https://github.com/oauth-wg/oauth-transaction-tokens/issues/115 - #114 Seconds vs. milliseconds in the example (1 by gffletch) https://github.com/oauth-wg/oauth-transaction-tokens/issues/114 - #113 subject_token_type for Replacement Txn-Token Request (1 by gffletch) https://github.com/oauth-wg/oauth-transaction-tokens/issues/113 - #111 Batch or long running processes and extending lifetime of a token (2 by gffletch, tulshi) https://github.com/oauth-wg/oauth-transaction-tokens/issues/111 - #110 Tx token lifetime guidance missing for replacement token (1 by PieterKas) https://github.com/oauth-wg/oauth-transaction-tokens/issues/110 - #108 A dummy transaction token - useful for debugging (2 by ashayraut, tulshi) https://github.com/oauth-wg/oauth-transaction-tokens/issues/108 1 issues closed: - Seconds vs. milliseconds in the example https://github.com/oauth-wg/oauth-transaction-tokens/issues/114 * oauth-wg/oauth-sd-jwt-vc (+6/-0/š¬5) 6 issues created: - Drop all references to DIDs and DID resolution - rely on extensibility already in the draft (by leifj) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/250 - Suggestion: Should this spec be more open to multiple Credential formats? [W3C Verifiable Credentials 2.0] (by goncalo-frade-iohk) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/249 - Provide information where a credential can be obtained (by danielfett) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/248 - Potential Privacy implications of verifier knowing display information (by Sakurann) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/247 - clarify example(s) (by bc-pi) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/246 - Ambiguity what should happen when no `kid` parameter is present in header when DID is used as `iss` value (by TimoGlastra) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/245 3 issues received 5 new comments: - #250 Drop all references to DIDs and DID resolution (2 by bc-pi, selfissued) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/250 - #248 Provide information where a credential can be obtained (1 by awoie) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/248 - #245 Ambiguity what should happen when no `kid` parameter is present in header when DID is used as `iss` value (2 by bc-pi, peacekeeper) https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/245 * oauth-wg/oauth-selective-disclosure-jwt (+1/-0/š¬0) 1 issues created: - (maybe) clarify example(s) (by bc-pi) https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/444 * oauth-wg/oauth-v2-1 (+1/-0/š¬0) 1 issues created: - Section 4.1.2.1 Error Response is unclear on how to handle an Invalid Authorization Endpoint request (by dfcoffin) https://github.com/oauth-wg/oauth-v2-1/issues/184 * oauth-wg/draft-ietf-oauth-attestation-based-client-auth (+1/-0/š¬1) 1 issues created: - client_id optional in the request body (by Sakurann) https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/81 1 issues received 1 new comments: - #71 Propose to change the draft name (1 by Sakurann) https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/71 Pull requests ------------- * oauth-wg/oauth-transaction-tokens (+1/-1/š¬0) 1 pull requests submitted: - Correct JSON example - address issue #114 (by gffletch) https://github.com/oauth-wg/oauth-transaction-tokens/pull/116 1 pull requests merged: - Correct JSON example - address issue #114 https://github.com/oauth-wg/oauth-transaction-tokens/pull/116 * oauth-wg/draft-ietf-oauth-resource-metadata (+0/-1/š¬0) 1 pull requests merged: - Removed extraneous paragraph https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/pull/46 Repositories tracked by this digest: ----------------------------------- * https://github.com/oauth-wg/oauth-browser-based-apps * https://github.com/oauth-wg/oauth-identity-chaining * https://github.com/oauth-wg/oauth-transaction-tokens * https://github.com/oauth-wg/oauth-sd-jwt-vc * https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata * https://github.com/oauth-wg/oauth-cross-device-security * https://github.com/oauth-wg/oauth-selective-disclosure-jwt * https://github.com/oauth-wg/oauth-v2-1 * https://github.com/oauth-wg/draft-ietf-oauth-status-list * https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth
- [OAUTH-WG] Weekly github digest (OAuth Activity Sā¦ Repository Activity Summary Bot