[OAUTH-WG] Call for Adoption: OAuth 2.0 Security: OAuth Open Redirector
Hannes Tschofenig <hannes.tschofenig@gmx.net> Tue, 19 January 2016 11:47 UTC
Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 582A91B2CAE for <oauth@ietfa.amsl.com>; Tue, 19 Jan 2016 03:47:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8QCabird0_Uf for <oauth@ietfa.amsl.com>; Tue, 19 Jan 2016 03:47:48 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9C90F1B2CAA for <oauth@ietf.org>; Tue, 19 Jan 2016 03:47:47 -0800 (PST)
Received: from [192.168.10.141] ([82.142.85.169]) by mail.gmx.com (mrgmx101) with ESMTPSA (Nemesis) id 0Lubnw-1aCrrN1GqG-00zrZX for <oauth@ietf.org>; Tue, 19 Jan 2016 12:47:45 +0100
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Openpgp: id=071A97A9ECBADCA8E31E678554D9CEEF4D776BC9
X-Enigmail-Draft-Status: N1110
To: "oauth@ietf.org" <oauth@ietf.org>
Message-ID: <569E2260.4080904@gmx.net>
Date: Tue, 19 Jan 2016 12:47:44 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="33NG1bUkpMjkBkdnDOMi0DJv45pAtEjX0"
X-Provags-ID: V03:K0:dfO+M0EnS1xBerp6UPk4tS90Pc2kuF43Ljq7zaeSw1vClH58Wvh pGiTLU+HzdTud4jrqu/rcLFh7TMOq04qaXqiaXIkFFYjcFGqQus3jke96i3avBsiUNX38iu wZbayWeP/J/DhdEPcfuLXJ1uw/cCyWOVGaiWy0c1JvdlThtVVX/OT1trD5Ui5qxPz/5pnoo qMUp/ziDl5YQLDgh7Caqg==
X-UI-Out-Filterresults: notjunk:1;V01:K0:58TmxEtgkdc=:jr3yZ9+/VWaeau6Y6YQBBA P0FOIZZp+n1nYjbAB59ZNEcBtqHx5tFqvky8yyG8VNa/l4rIkWSXY5iCntTNH2bGw+3XXwm7r VEeTvoT+4qWo9+6FKOg/rwbb0RnA/cO81P/VRPlx3YYk8K2na/6uZfSy20eNqXdIuwJwbx+dt HvYEDqVDebaxxd0cLr9s5NCHSNmBzls2KLgYRL76iIhWfQ8j42z3ZOgbJwZGvLdtA+Jb+W6Io ij07IpbUidxQcSRzRcOUEhvWr2vHB5AvqzDMN1BQKJtaZuFpFeM5yuI4WaG/EPfvd7Od0OlvE ZnQholCmwjiV8/+CQa3wEzVGgdWZC9vHk5tkQZ22V8Iv5k5VdHa3E3XV8EaeiSqzYcB16Qy52 CboF8of+LYLslyfJC1UWNdTvk6pIww0poQGWY3/Q70nxtgDVvzOdqnDxHCgbnlN8t3LNsxalN WLh8+qMJdZBQ5cnn5q1RjMxU3iaxUqhbT9NIHUpuFiv+Y7ECmKimplGDtKznqrUPo3H91ff8C MnBvB53NR376vMvZSlMRRcq4Xt6EhapqKFIWnVb2oB/Iplz35ymOnJZa4VrSti8+xYibQ2tlW liclHefjmnBAyDcDE2qkgHV0UmjbrrNyuwh2yV77/0jKT8MR0rxS130ddPkmve/SBc6WsrAly 4FUUfVZocKklyNOyejjXqw3JA8fRvSZ/LjSFEL2KyA+3f6BNfC/eL1ox8eIysMQBnFZM8grn5 GwjkTIZq2P2hxEJJsOok2jMWcXSAUuC7x1QUa3tKxcGq85slWMrJv64j88Q=
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/PGjxCyAiVZ8UKXaaBJ0-mPY5Z_o>
Subject: [OAUTH-WG] Call for Adoption: OAuth 2.0 Security: OAuth Open Redirector
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Jan 2016 11:47:49 -0000
Hi all, this is the call for adoption of OAuth 2.0 Security: OAuth Open Redirector, see https://tools.ietf.org/html/draft-bradley-oauth-open-redirector-02 Please let us know by Feb 2nd whether you accept / object to the adoption of this document as a starting point for work in the OAuth working group. Note: At the IETF Yokohama we asked for generic feedback about doing security work in the OAuth working group and there was very positive feedback. However, for the adoption call we need to ask for individual documents. Hence, you need to state your view again. Ciao Hannes & Derek
- [OAUTH-WG] Call for Adoption: OAuth 2.0 Security:… Hannes Tschofenig
- Re: [OAUTH-WG] Call for Adoption: OAuth 2.0 Secur… Antonio Sanso
- Re: [OAUTH-WG] Call for Adoption: OAuth 2.0 Secur… William Denniss
- Re: [OAUTH-WG] Call for Adoption: OAuth 2.0 Secur… John Bradley
- Re: [OAUTH-WG] Call for Adoption: OAuth 2.0 Secur… Nat Sakimura
- Re: [OAUTH-WG] Call for Adoption: OAuth 2.0 Secur… John Bradley
- Re: [OAUTH-WG] Call for Adoption: OAuth 2.0 Secur… Brian Campbell
- Re: [OAUTH-WG] Call for Adoption: OAuth 2.0 Secur… George Fletcher
- Re: [OAUTH-WG] Call for Adoption: OAuth 2.0 Secur… Phil Hunt
- Re: [OAUTH-WG] Call for Adoption: OAuth 2.0 Secur… George Fletcher
- Re: [OAUTH-WG] Call for Adoption: OAuth 2.0 Secur… Mike Jones
- Re: [OAUTH-WG] Call for Adoption: OAuth 2.0 Secur… Roland Hedberg