[OAUTH-WG] Initial Working Group Draft of OAuth Token Binding Specification
Mike Jones <Michael.Jones@microsoft.com> Thu, 08 September 2016 16:26 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6B27E12B115 for <oauth@ietfa.amsl.com>; Thu, 8 Sep 2016 09:26:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.021
X-Spam-Level:
X-Spam-Status: No, score=-2.021 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P7XINC7P5sGp for <oauth@ietfa.amsl.com>; Thu, 8 Sep 2016 09:26:26 -0700 (PDT)
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-bl2nam02on0105.outbound.protection.outlook.com [104.47.38.105]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A566612B0E2 for <oauth@ietf.org>; Thu, 8 Sep 2016 09:26:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=jLeX/an5FGmB8um9tJj0lfnhD01JKPOJM6CgdJUc0UM=; b=hTO2iACD0IimIG81SJx5bPrBYc764H1HKKqNBq+bkPB7vMBLtBstvUClXoJr/oSOiiOEUaV0w3KK033ireNPeE/AO1bEkyM4PFrn3ZbqMd+/GAetfeUVrjpnjJ8UTmtnR5WyoFQyARfORoep81VdCO9hk2C6B7jb28HRZSyavc4=
Received: from BN3PR03MB2355.namprd03.prod.outlook.com (10.166.74.150) by BN3PR03MB2355.namprd03.prod.outlook.com (10.166.74.150) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384) id 15.1.599.9; Thu, 8 Sep 2016 16:26:24 +0000
Received: from BN3PR03MB2355.namprd03.prod.outlook.com ([10.166.74.150]) by BN3PR03MB2355.namprd03.prod.outlook.com ([10.166.74.150]) with mapi id 15.01.0599.016; Thu, 8 Sep 2016 16:26:24 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: Initial Working Group Draft of OAuth Token Binding Specification
Thread-Index: AdIJS9JttjQ4CaHHRLSVluLCqTr6tA==
Date: Thu, 08 Sep 2016 16:26:24 +0000
Message-ID: <BN3PR03MB23556474E2DC2AD4F18144FEF5FB0@BN3PR03MB2355.namprd03.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Michael.Jones@microsoft.com;
x-originating-ip: [50.47.91.120]
x-ms-office365-filtering-correlation-id: 85bab331-2d43-468d-846f-08d3d804e03b
x-microsoft-exchange-diagnostics: 1; BN3PR03MB2355; 6:3C2wHpxvLJa/aMscuK3HpifkVt11u/vZc8FzHzKTtvpQWad9yjfRH0GLZUXr0XTnIHMyVVcSGqB82BDZrlENt6drukWtemyToWkt7JppYn3JvE1Dj2k7uCsYLudfXaqQXdaly/t5YdcXsi3a54DlesrOyCoop8FaO8v7RByrbkoCQvcOHvqkayio/CBovZxQriwME4jIXRZPFoNhiLnDjXetLSYoyaHHuPJgoPtnno44fml4JqkNEaDvW1bpBKIIa0rxPRos2aBZ2q6M2QT3RLBKZFSYBkomKmzQkoLPWoDvCMZiwlEj2K3D3sDAfjd8xBX59t56tJ7Wf7vcCGHkOQ==; 5:MFIhXt938JJR0dWNjYDFU43kXf44psXHt2EiQ3L2M7jVNbL8ID8wdLHxvNKGNOfHoqjKRDGF2f9lllFrGr+mJ+N2J7xvnNQKkZX6A8tg3qmhoGPE2EJNpLrZsfDLqwbMWm+/zh6B8VsJhjBZvI0P5Q==; 24:PV6LYSO3CX5Zd2mLL+PlQuroMNKWewPWqKIAS3yvqwt8WOJ3HEZ9fxOTxktUaKW8Qb7R19FMZiyroA1VAlkMXMTG6PJCNx6n3wm8eLnG3KA=; 7:wvN2s7zqQEO7+fd4bYhLxJcPjzGG1N3aPtku7+u7S1Im56lxbzMuvsqeOdMHqviy96ReS7BFg8ucBsqU8GMcR6eXSYHL0qYw6qsw1CLNWr790EuPmaw5qj1QN1eXYo1Xgdck22v+3OSiiRra1WBiN32Sr1YtVkxys90vhs9b/0JuHf+ftnORiTLh1x4xZuFUaiBZrRX9qpfUU8BW4Z2WvDDK+bjC10metCvYDgDLDntakPcCYU4FLRC6ZKZahDiK
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BN3PR03MB2355;
x-microsoft-antispam-prvs: <BN3PR03MB235555968974AA0A2CDF599FF5FB0@BN3PR03MB2355.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(31418570063057)(21748063052155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(6040176)(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046)(6055026)(61426038)(61427038); SRVR:BN3PR03MB2355; BCL:0; PCL:0; RULEID:; SRVR:BN3PR03MB2355;
x-forefront-prvs: 00594E8DBA
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(7916002)(209900001)(199003)(189002)(3846002)(11100500001)(3280700002)(2351001)(87936001)(8676002)(5630700001)(19625215002)(7906003)(10400500002)(5005710100001)(790700001)(7846002)(50986999)(7736002)(7696003)(101416001)(2501003)(10290500002)(97736004)(110136002)(77096005)(107886002)(76576001)(10090500001)(15975445007)(19580395003)(74316002)(450100001)(2900100001)(8936002)(2906002)(102836003)(122556002)(33656002)(5002640100001)(19300405004)(16236675004)(3660700001)(86612001)(81156014)(586003)(92566002)(68736007)(5660300001)(81166006)(99286002)(229853001)(66066001)(6116002)(189998001)(86362001)(19617315012)(5640700001)(8990500004)(54356999)(9686002)(106356001)(105586002)(1730700003)(6606295002); DIR:OUT; SFP:1102; SCL:1; SRVR:BN3PR03MB2355; H:BN3PR03MB2355.namprd03.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_BN3PR03MB23556474E2DC2AD4F18144FEF5FB0BN3PR03MB2355namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Sep 2016 16:26:24.0962 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN3PR03MB2355
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/PQwlvnSSle0YltvxQ4f6wdr8juY>
Subject: [OAUTH-WG] Initial Working Group Draft of OAuth Token Binding Specification
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Sep 2016 16:26:28 -0000
The initial working group draft of the OAuth Token Binding specification has been published. It has the same content as draft-jones-oauth-token-binding-00, but with updated references. This specification defines how to perform token binding for OAuth access tokens and refresh tokens. Note that the access token mechanism is expected to change shortly to use the Referred Token Binding, per working group discussions at IETF 96 in Berlin. The specification is available at: * http://tools.ietf.org/html/draft-ietf-oauth-token-binding-00 An HTML-formatted version is also available at: * http://self-issued.info/docs/draft-ietf-oauth-token-binding-00.html -- Mike P.S. This notice was also posted at http://self-issued.info/?p=1605 and as @selfissued<https://twitter.com/selfissued>.