[OAUTH-WG] Weekly github digest (OAuth Activity Summary)
Repository Activity Summary Bot <do_not_reply@mnot.net> Sun, 28 July 2024 07:56 UTC
Return-Path: <do_not_reply@mnot.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 69728C14F69E for <oauth@ietfa.amsl.com>; Sun, 28 Jul 2024 00:56:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.707
X-Spam-Level:
X-Spam-Status: No, score=-1.707 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=mnot.net header.b="Mj/xbpE3"; dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=messagingengine.com header.b="bphRw+lw"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VXj47X-SSdgd for <oauth@ietfa.amsl.com>; Sun, 28 Jul 2024 00:56:12 -0700 (PDT)
Received: from fout8-smtp.messagingengine.com (fout8-smtp.messagingengine.com [103.168.172.151]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EEABFC14F713 for <oauth@ietf.org>; Sun, 28 Jul 2024 00:56:11 -0700 (PDT)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailfout.nyi.internal (Postfix) with ESMTP id B8A9F1380637 for <oauth@ietf.org>; Sun, 28 Jul 2024 03:39:21 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute5.internal (MEProxy); Sun, 28 Jul 2024 03:39:21 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :content-type:content-type:date:from:from:in-reply-to :mime-version:reply-to:subject:subject:to:to; s=fm1; t= 1722152361; x=1722238761; bh=j0MPxLj6wLrxDD6aw0O0BGWi1qW4l0BEKoj GaoFrqBE=; b=Mj/xbpE3ZTiC2KVGkkZbWhDzAkoq/PQYYaoMqyAfeT8VDqS8D6q YhCcU9JMfsUnfkZQHSXz1VWsDE7RwyreqH6rWSZ84JJO9bB6VtCrYoYUp1/+rpPK WRv669X6LkJbzcNYvi6ZQrt6O1+Q3drbE6JXneGd4Y1V5ObYoEIGX5norW1M0HiK vg8wzybpx7/V4w9n+p7I8g/bEqwyYnmlU8q98fkXAYvW2LBZ6C9830ivkNBHYQqJ haSdTLhzXkzhcaY4YEFyCW56qYgns+8nqDY4ptaR2Blw0soV0E5x+sdfvUIs3P64 r24tScPMJjWnNsD9VaW6oTAROl9yqW8wPPA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date :feedback-id:feedback-id:from:from:in-reply-to:mime-version :reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1722152361; x= 1722238761; bh=j0MPxLj6wLrxDD6aw0O0BGWi1qW4l0BEKojGaoFrqBE=; b=b phRw+lwE0jWdcTht/A57XR76O0/HOx9uvCZveUI4gTvjIlTggHhM9A3NS15lIKcJ IdcAdRiiLE01hvVE61G1BLlo7Bdn7206ub+IocGdyQ2AqdFotFD++/4iyTp/mPaG UxdhXMDoGs8IAD2AwXonJnaEXXNqMrUZYY19LbwDff2Gc0h7SBOsLj3f7Uud2GyH N/ZL3p2l1T0Wn1w1Fm7ECWwXt4Mo/ANqQt/Kw+gP6/WxKqX14XQXnLnWF4xz8Amr B33zdiCSNhbkLrrlgYz+zBcCGZsHLQCnTiNJppRna7is0C8cko7u6ni+MxiMOvgZ 26gvXdR1lCzdasuiodLjg==
X-ME-Sender: <xms:qfWlZin6HFwT7N70wd8CGsDkdTHtIxoWvdeN4hEQD6-4eJQGaTKdMg> <xme:qfWlZp112bR6iyX4ZZu_8EcyNq6bv9YVYqAhUqq15fVWCKmpZ3C2SNumNXwRiXKGY CabbzgBMbd0ww8spA>
X-ME-Received: <xmr:qfWlZgp6XupKziBLSd3ADR1IAhPTXWCI5xFbQAiS8uiiauyq1wckLBxXs6eQF0Rk2a5rzYYbhGwNL8SBR9aeihw6Tt4SL07LFz9MROm9niLF2GtfFZe6t0u4_1Zk5Ukg3A>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrieelgddulecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecupfhoucgurghtvgcufhhivghlugculdegledmnecujf gurheptggghffvufesrgdttdertddtjeenucfhrhhomheptfgvphhoshhithhorhihucet tghtihhvihhthicuufhumhhmrghrhicuuehothcuoeguohgpnhhothgprhgvphhlhiesmh hnohhtrdhnvghtqeenucggtffrrghtthgvrhhnpeekfedvudetjedvfeekheeiveeugfef hfetteevgeffkefffeetffdvleehudeiteenucffohhmrghinhepghhithhhuhgsrdgtoh hmnecuvehluhhsthgvrhfuihiivgepudenucfrrghrrghmpehmrghilhhfrhhomhepugho pghnohhtpghrvghplhihsehmnhhothdrnhgvthdpnhgspghrtghpthhtoheptd
X-ME-Proxy: <xmx:qfWlZmle-h25X3pzJM5LQZOkbhO7AQt-cXX-UsIDMZu_jBZa1JRKmA> <xmx:qfWlZg1NfAfObzekmVuU6D67IYHp05PDR2ByQSPzk5_3p_DDxpVo3A> <xmx:qfWlZtsYCayZNydAblbTZi5vTv4XeSFzvydAwCGtqS5_y_wpcT1cYQ> <xmx:qfWlZsXotbJjCWjx4-JhzXPAy9y5laCLy0p-v6Z74TJVO4mlGW_1hA> <xmx:qfWlZuAOjR2CXT7ptDw9O1hwK60HM9poAFYMfDsG35yPcs3JpTGlPomM>
Feedback-ID: i1c3946f2:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <oauth@ietf.org>; Sun, 28 Jul 2024 03:39:21 -0400 (EDT)
Content-Type: multipart/alternative; boundary="===============5442276381987888428=="
MIME-Version: 1.0
From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: oauth@ietf.org
Message-Id: <20240728075611.EEABFC14F713@ietfa.amsl.com>
Date: Sun, 28 Jul 2024 00:56:11 -0700
Message-ID-Hash: 5T2SYNSLQLNBNBCNRXXPZZDA3F7YQDRI
X-Message-ID-Hash: 5T2SYNSLQLNBNBCNRXXPZZDA3F7YQDRI
X-MailFrom: do_not_reply@mnot.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [OAUTH-WG] Weekly github digest (OAuth Activity Summary)
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/NzZiIArDhechvbUG0W7DgEQwnZI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>
Events without label "editorial"
Issues
------
* oauth-wg/oauth-transaction-tokens (+9/-1/š¬16)
9 issues created:
- `subject_token` description needs to be more flexible (by tulshi)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/121
- The "N_A" value for the "txn" claim can complicate processing (by tulshi)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/120
- Azd claim name conflict with RAR (by tulshi)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/119
- RAR object inside a TraT (by tulshi)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/118
- IANA registration procedures (by tulshi)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/117
- Audience, scope & purpose (by arndt-s)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/115
- Seconds vs. milliseconds in the example (by dteleguin)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/114
- subject_token_type for Replacement Txn-Token Request (by dteleguin)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/113
- please add document history to the draft (by Sakurann)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/112
9 issues received 16 new comments:
- #120 The "N_A" value for the "txn" claim can complicate processing (1 by tulshi)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/120
- #119 Azd claim name conflict with RAR (2 by jricher, tulshi)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/119
- #118 RAR object inside a TraT (2 by gffletch, jricher)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/118
- #115 Audience, scope & purpose (4 by arndt-s, gffletch, obfuscoder)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/115
- #114 Seconds vs. milliseconds in the example (1 by gffletch)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/114
- #113 subject_token_type for Replacement Txn-Token Request (1 by gffletch)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/113
- #111 Batch or long running processes and extending lifetime of a token (2 by gffletch, tulshi)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/111
- #110 Tx token lifetime guidance missing for replacement token (1 by PieterKas)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/110
- #108 A dummy transaction token - useful for debugging (2 by ashayraut, tulshi)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/108
1 issues closed:
- Seconds vs. milliseconds in the example https://github.com/oauth-wg/oauth-transaction-tokens/issues/114
* oauth-wg/oauth-sd-jwt-vc (+6/-0/š¬5)
6 issues created:
- Drop all references to DIDs and DID resolution - rely on extensibility already in the draft (by leifj)
https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/250
- Suggestion: Should this spec be more open to multiple Credential formats? [W3C Verifiable Credentials 2.0] (by goncalo-frade-iohk)
https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/249
- Provide information where a credential can be obtained (by danielfett)
https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/248
- Potential Privacy implications of verifier knowing display information (by Sakurann)
https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/247
- clarify example(s) (by bc-pi)
https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/246
- Ambiguity what should happen when no `kid` parameter is present in header when DID is used as `iss` value (by TimoGlastra)
https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/245
3 issues received 5 new comments:
- #250 Drop all references to DIDs and DID resolution (2 by bc-pi, selfissued)
https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/250
- #248 Provide information where a credential can be obtained (1 by awoie)
https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/248
- #245 Ambiguity what should happen when no `kid` parameter is present in header when DID is used as `iss` value (2 by bc-pi, peacekeeper)
https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/245
* oauth-wg/oauth-selective-disclosure-jwt (+1/-0/š¬0)
1 issues created:
- (maybe) clarify example(s) (by bc-pi)
https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/444
* oauth-wg/oauth-v2-1 (+1/-0/š¬0)
1 issues created:
- Section 4.1.2.1 Error Response is unclear on how to handle an Invalid Authorization Endpoint request (by dfcoffin)
https://github.com/oauth-wg/oauth-v2-1/issues/184
* oauth-wg/draft-ietf-oauth-attestation-based-client-auth (+1/-0/š¬1)
1 issues created:
- client_id optional in the request body (by Sakurann)
https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/81
1 issues received 1 new comments:
- #71 Propose to change the draft name (1 by Sakurann)
https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/71
Pull requests
-------------
* oauth-wg/oauth-transaction-tokens (+1/-1/š¬0)
1 pull requests submitted:
- Correct JSON example - address issue #114 (by gffletch)
https://github.com/oauth-wg/oauth-transaction-tokens/pull/116
1 pull requests merged:
- Correct JSON example - address issue #114
https://github.com/oauth-wg/oauth-transaction-tokens/pull/116
* oauth-wg/draft-ietf-oauth-resource-metadata (+0/-1/š¬0)
1 pull requests merged:
- Removed extraneous paragraph
https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/pull/46
Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1
* https://github.com/oauth-wg/draft-ietf-oauth-status-list
* https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth
- [OAUTH-WG] Weekly github digest (OAuth Activity Sā¦ Repository Activity Summary Bot