IETF Logo Mail Archive

[OAUTH-WG] End User Authentication using OAuth 2.0

Justin Richer <jricher@mit.edu> Mon, 03 November 2014 04:30 UTC

Return-Path: <jricher@mit.edu>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 002271ACEAF for <oauth@ietfa.amsl.com>; Sun, 2 Nov 2014 20:30:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.395
X-Spam-Level:
X-Spam-Status: No, score=-3.395 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.594, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zGdulP0DuGRe for <oauth@ietfa.amsl.com>; Sun, 2 Nov 2014 20:30:45 -0800 (PST)
Received: from dmz-mailsec-scanner-7.mit.edu (dmz-mailsec-scanner-7.mit.edu [18.7.68.36]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EC0CB1A6F52 for <oauth@ietf.org>; Sun, 2 Nov 2014 20:30:43 -0800 (PST)
X-AuditID: 12074424-f79346d000004923-26-545704f299b0
Received: from mailhub-auth-4.mit.edu ( [18.7.62.39]) (using TLS with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-7.mit.edu (Symantec Messaging Gateway) with SMTP id F8.71.18723.2F407545; Sun, 2 Nov 2014 23:30:42 -0500 (EST)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id sA34Uf1O016140 for <oauth@ietf.org>; Sun, 2 Nov 2014 23:30:41 -0500
Received: from [192.168.128.57] (static-96-237-195-53.bstnma.fios.verizon.net [96.237.195.53]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id sA34Ueg0032702 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for <oauth@ietf.org>; Sun, 2 Nov 2014 23:30:41 -0500
Message-ID: <545704EE.8080200@mit.edu>
Date: Sun, 02 Nov 2014 23:30:38 -0500
From: Justin Richer <jricher@mit.edu>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: OAuth WG <oauth@ietf.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrMIsWRmVeSWpSXmKPExsUixG6nrvuJJTzEoH89h8XJt6/YHBg9liz5 yRTAGMVlk5Kak1mWWqRvl8CVMW3bFuaCZawVH+9tZm1gnMbSxcjBISFgIjH9rEIXIyeQKSZx 4d56ti5GLg4hgdlMEn+372OFcI4ySkw/9AzKec8k8e/QZFaQFl4BNYl3B1oYQSaxCKhKnOiv BwmzAZnT17QwgdiiAlESdy71Q5ULSpyc+YQFxBYRkJWYf2krmC0sYCBxtvUA2EHMAtYS33YX gYSZBeQltr+dwzyBkW8Wku5ZCFWzkFQtYGRexSibklulm5uYmVOcmqxbnJyYl5dapGuul5tZ opeaUrqJERxeLio7GJsPKR1iFOBgVOLhldgaFiLEmlhWXJl7iFGSg0lJlLf4FlCILyk/pTIj sTgjvqg0J7X4EKMEB7OSCG/lWqAcb0piZVVqUT5MSpqDRUmcd9MPvhAhgfTEktTs1NSC1CKY rAwHh5IE717m8BAhwaLU9NSKtMycEoQ0EwcnyHAeoOEXQWp4iwsSc4sz0yHypxh1OVqa3vYy CbHk5eelSonzfgEpEgApyijNg5sDSwuvGMWB3hLmXQlSxQNMKXCTXgEtYQJa4tgVArKkJBEh JdXAmBqnKvXH2lMh8PK8m7e4ryy52Fr75/RD/ZtCTzV4+Lbrl87cEHUwgdvN2cR0utk3HlbT TMWWC0e7PIOj8xorNc4/Ohh81Pwp/9fk8PIDTw7Pbm9hNZj1cGXzpfyAPRGuCfbtz85fcp+1 gkt2iuQbFW+512nef+fZndthcb/OZOen2LPnbs7coMRSnJFoqMVcVJwIABmH6H7mAgAA
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/RjTiT0Q4uQcw-7tySYBmjHbDjrM
Subject: [OAUTH-WG] End User Authentication using OAuth 2.0
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Nov 2014 04:30:47 -0000

As of earlier this evening, I've published the article that we've been 
working on about dealing with OAuth and end-user authentication. It's 
available here:

http://oauth.net/articles/authentication/

Huge thanks to everyone who commented on the text, both here on the list 
and last week at IIW. If there are edits to be made, either reply here 
or just make a pull request directly from GitHub. It's not an RFC, we 
can keep editing it. :)

In the process of putting this together for the site, I also created an 
"Articles" structure on the site so that if there are other topics we 
want to add, we (the community, not just the WG) can do so.

  -- Justin

v2.23.0 | Report a Bug | By Email