Re: [OAUTH-WG] Second OAuth Security Workshop (Call for Papers)
Nat Sakimura <sakimura@gmail.com> Thu, 04 May 2017 07:19 UTC
Return-Path: <sakimura@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0763C129BAA for <oauth@ietfa.amsl.com>; Thu, 4 May 2017 00:19:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WU2PzKGfORo1 for <oauth@ietfa.amsl.com>; Thu, 4 May 2017 00:19:08 -0700 (PDT)
Received: from mail-qk0-x230.google.com (mail-qk0-x230.google.com [IPv6:2607:f8b0:400d:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BE93712941D for <oauth@ietf.org>; Thu, 4 May 2017 00:19:07 -0700 (PDT)
Received: by mail-qk0-x230.google.com with SMTP id k74so4014937qke.1 for <oauth@ietf.org>; Thu, 04 May 2017 00:19:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=ZQ5R2tAYP7I+vwxvuWSKrwg3umfN9u8SbZNuW9Ux43A=; b=e66cJMyrkjrb2PB8bP4wepWyaLh6iE1Ip61aai0zUdNhuDS6W+aDbSawzw9cHrG+D3 K1lcVrX+G2HHD8+WS1f/jYiJoPnLriqiLqZHTF6xljgK4XO5hZt5abM8kBLGV6mXiGwf KmH8vSvqS80KZWlJNiXL63fYn7ejDU60flcOfrxRhyoRH35HbYMiHZ1FZMAKpzy5Xiq5 p35W8zfNcJYQmk83ny0wNVWRXqWn9bONGltMe5CCTiZcpfY7lUof/vG5fx6uJH4PVaME dnvTc/KVMExVOPjMqAGPwQfWx+jOuGYnuHHTFkD2o+S8vWSRG43U4wLPhkqO1NnKwU+P VJgw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=ZQ5R2tAYP7I+vwxvuWSKrwg3umfN9u8SbZNuW9Ux43A=; b=KIa6nW20lZdXDlgCISRtmZgfS1N/p3Dr2bsOF2ZcdjxhQd8yaHmr8V1oNCqp9ci7GG qXLcD00M+Ot7g1LZg7QgesKsZryEkgjUReKgsiJLjijxdWXzXTpybR7jg6uTHH5P6Pli 6qJEsLVjlYSWrB3dB2g+dMOLy0AekjmdBxwCbaHgaY4CezUZLXVVthNLH3XMPYlor5rz Rs3RmQRmBqYYw/WQHV4Eta6PJjgXJRr0+d2nr95+gpMSuQm1jg1VuZYuMUoR6STMTB+n B75bqYWSKnJ5f91NYwRNEPlxNerQegKtTtvRZO/kv3fXhq4MgfwnkCS/lVtmyKP0wFmg R/og==
X-Gm-Message-State: AN3rC/7BlMbOZ6Kgcbfg3SM6G1H8KPXPpUNuYAH/eSAk+/sC6LjoWnvq VPorP1JgJx1bh7HORmxgEy5eoP0WpQ==
X-Received: by 10.55.88.4 with SMTP id m4mr5975555qkb.84.1493882346873; Thu, 04 May 2017 00:19:06 -0700 (PDT)
MIME-Version: 1.0
References: <ed9a8430-5c80-6be3-8b5d-1759c4218919@lodderstedt.net> <BN6PR21MB05003786286B93ECF604D923F5220@BN6PR21MB0500.namprd21.prod.outlook.com> <269DD0EC-FCBF-4691-9BAA-2B8F144C0353@lodderstedt.net> <3A9170DD-0861-478D-A9DD-9A55DC930B8D@ve7jtb.com> <4ACE4772-E01B-4D9A-8AED-7926B9E87615@lodderstedt.net> <BN6PR21MB05003104D5B83C1B921AC8CAF51B0@BN6PR21MB0500.namprd21.prod.outlook.com> <18ACD3B9-A5BA-4C59-993C-C3A4C5F5EBBD@lodderstedt.net>
In-Reply-To: <18ACD3B9-A5BA-4C59-993C-C3A4C5F5EBBD@lodderstedt.net>
From: Nat Sakimura <sakimura@gmail.com>
Date: Thu, 04 May 2017 07:18:54 +0000
Message-ID: <CABzCy2DVf475Fh6JsAzSUufyDdY5X5uk856Td=d5ULCC9SLr1w@mail.gmail.com>
To: Torsten Lodderstedt <torsten@lodderstedt.net>, "oauth@ietf.org" <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="001a114e2d289f2ac2054ead966d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/Tp9ve-bauCj_yAWq1ajOtv3_cuk>
Subject: Re: [OAUTH-WG] Second OAuth Security Workshop (Call for Papers)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 May 2017 07:19:13 -0000
Ok, I will try but I am under multiple deadlines also... On Wed, May 3, 2017 at 5:32 Torsten Lodderstedt <torsten@lodderstedt.net> wrote: > Hi all, > > FYI - submission deadline has been extended by one week since we didn’t > receive as much submissions as expected. > > I would like to invite you to submit a paper or even to give an ad-hoc > talk (I plan to). Please contact me via e-mail if you happen to have any > question regarding this topic. > > best regards, > Torsten. > > > > Am 20.04.2017 um 19:49 schrieb Mike Jones <Michael.Jones@microsoft.com>: > > Excellent! > > > > *From:* Torsten Lodderstedt [mailto:torsten@lodderstedt.net > <torsten@lodderstedt.net>] > *Sent:* Thursday, April 20, 2017 10:42 AM > *To:* oauth@ietf.org > *Cc:* Mike Jones <Michael.Jones@microsoft.com>; John Bradley < > ve7jtb@ve7jtb.com> > *Subject:* Re: [OAUTH-WG] Second OAuth Security Workshop (Call for Papers) > > > > Hi all, > > > > I'm pleased to announce the hosts managed to change the date of the > security workshop to the end of the week before IETF-99, July 13-14. > > > > Please find the updated CfP below. > > > > kind regards, > > Torsten. > > > > > =============================================================================== > > C a l l F o r P a p e r s > > Second OAuth Security Workshop (OSW 2017) > > Zurich, Switzerland -- July 13-14, 2017 (note the changed event date) > > WWW: https://zisc.ethz.ch/oauth-security-workshop-2017-cfp/ > > Position paper submission deadline: May 2, 2017 (AoE, UTC-12). > > > =============================================================================== > > Overview > > The OAuth Security Workshop (OSW) focuses on improving security of the > OAuth standard and related Internet protocols. This workshop brings > together the IETF OAuth Working Group and security experts from > research, industry, and standardization to this end. The workshop is > hosted by the Zurich Information Security and Privacy Center at ETH Zurich. > > While the standardization process of OAuth ensures extensive reviews > (both security and non-security related), further analysis by security > experts from academia and industry is essential to ensure high quality > specifications. Contributions to this workshop can help to improve the > security of the Web and the Internet. > > > Scope > > We seek position papers related to the security of OAuth, OpenID > Connect, and other technologies using OAuth under the hood. > Contributions regarding technologies that are used in OAuth, such as > JOSE, or impact the security of OAuth, such as Web technology, are also > welcome. > > > Important Dates > > Position paper submission deadline: May 2, 2017 (AoE, UTC-12). > Author notification: May 15, 2017. > Registration deadline: June 16, 2017. > Workshop: July 13 and July 14, 2017. > > > Invited Speakers > > Cas Cremers, University of Oxford > > > Submission > > We welcome position papers that describe existing work, raise new > requirements, highlight challenges, write-ups of implementation and > deployment experience, lessons-learned from successful or failed > attempts, and ideas on how to improve OAuth and OAuth extensions. > > Position papers submitted to the OAuth Security Workshop may report on > (unpublished) work in progress, be submitted to other places, and may > even have already appeared or been accepted elsewhere. > > Submissions must be in PDF format and should feature reasonable margins > and formatting. There is no page limit, but the submission should be > brief (ideally not more than 3-5 pages). Submissions should not be > anonymized. > > Submission Website: https://easychair.org/conferences/?conf=osw17 > > > Publication and Presentation > > One of the authors of the accepted position paper is expected to present > the paper at the workshop. > > All presentations and papers will be put online but there will be no > formal proceedings. Authors of accepted papers will have the option to > revise their papers before they are put online. > > > IPR Policy > > The workshop will have no expectation of IPR disclosure or licensing > related to its submissions. Authors are responsible for obtaining > appropriate publication clearances. > > > Program Committee > > Chairs > David Basin (ETH Zurich) > Torsten Lodderstedt (YES Europe) > > Members > John Bradley (Ping Identity) > Ralf Küsters (University of Stuttgart) > Chris Mitchell (Royal Holloway University of London) > Anthony Nadalin (Microsoft) > Nat Sakimura (Nomura Research Institute) > Ralf Sasse (ETH Zurich) > Jörg Schwenk (Ruhr University Bochum) > Hannes Tschofenig (IETF OAuth Working Group Co-Chair) > > > > Am 13.03.2017 um 21:01 schrieb John Bradley <ve7jtb@ve7jtb.com>: > > > > I did point out earlier when I discovered the dates, that I similarly > asked for it to be later in the week. > It is probably fine for Europeans but it will stop many people from being > able to attend including myself unless I can come up with other meetings in > Europe to fill those days. > > If we cant move it then we will have to live with it and attend or not. > > John B. > > > On Mar 13, 2017, at 4:46 PM, Torsten Lodderstedt <torsten@lodderstedt.net> > wrote: > > Hi Mike, > > yes, those are the right dates. There are restrictions from the host's > side, that’s why the workshop needs to take place on Monday and Tuesday. As > far as I remember the host was clear about that from the beginning. > > best regards, > Torsten. > > > Am 12.03.2017 um 22:15 schrieb Mike Jones <Michael.Jones@microsoft.com>: > > Are Monday-Tuesday, July 10-11 really the right dates? I'm asking because > IETF in Prague doesn't start until Sunday, July 16th. That leaves 4 days > dead time in between for those of us who are attending both. > > When I was first told about this workshop, I was told that it would be > sometime Wednesday-Friday that week. Can it be moved back to those dates? > That would be a big help for those of us travelling distances to attend. > > Or is there also another event in the Wednesday-Friday timeframe that > people should also be considering attending? > > Thanks, > -- Mike > > -----Original Message----- > From: OAuth [mailto:oauth-bounces@ietf.org <oauth-bounces@ietf.org>] On > Behalf Of Torsten Lodderstedt > Sent: Sunday, March 12, 2017 12:28 PM > To: oauth@ietf.org > Subject: [OAUTH-WG] Second OAuth Security Workshop (Call for Papers) > > Hi all, > > the OAuth WG and the ETH Zurich will organize another workshop on OAuth > security (after the one last year in Trier). > > Please find the Call for Papers below. > > kind regards, > Torsten. > > C a l l F o r P a p e r s > > Second OAuth Security Workshop (OSW 2017) > > Zurich, Switzerland -- July 10-11, 2017 > > WWW:https://zisc.ethz.ch/oauth-security-workshop-2017-cfp/ > > > =============================================================================== > > Overview > > The OAuth Security Workshop (OSW) focuses on improving security of the > OAuth standard and related Internet protocols. This workshop brings > together the IETF OAuth Working Group and security experts from research, > industry, and standardization to this end. The workshop is hosted by the > Zurich Information Security and Privacy Center at ETH Zurich. > > While the standardization process of OAuth ensures extensive reviews (both > security and non-security related), further analysis by security experts > from academia and industry is essential to ensure high quality > specifications. Contributions to this workshop can help to improve the > security of the Web and the Internet. > > > Scope > > We seek position papers related to the security of OAuth, OpenID Connect, > and other technologies using OAuth under the hood. > Contributions regarding technologies that are used in OAuth, such as JOSE, > or impact the security of OAuth, such as Web technology, are also welcome. > > > Important Dates > > Position paper submission deadline: May 2, 2017 (AoE, UTC-12). > Author notification: May 15, 2017. > Registration deadline: June 16, 2017. > Workshop: July 10 and July 11, 2017. > > > Invited Speakers > > Cas Cremers, University of Oxford > > > Submission > > We welcome position papers that describe existing work, raise new > requirements, highlight challenges, write-ups of implementation and > deployment experience, lessons-learned from successful or failed attempts, > and ideas on how to improve OAuth and OAuth extensions. > > Position papers submitted to the OAuth Security Workshop may report on > (unpublished) work in progress, be submitted to other places, and may even > have already appeared or been accepted elsewhere. > > Submissions must be in PDF format and should feature reasonable margins > and formatting. There is no page limit, but the submission should be brief > (ideally not more than 3-5 pages). Submissions should not be anonymized. > > Submission Website:https://easychair.org/conferences/?conf=osw17 > > > Publication and Presentation > > One of the authors of the accepted position paper is expected to present > the paper at the workshop. > > All presentations and papers will be put online but there will be no > formal proceedings. Authors of accepted papers will have the option to > revise their papers before they are put online. > > > IPR Policy > > The workshop will have no expectation of IPR disclosure or licensing > related to its submissions. Authors are responsible for obtaining > appropriate publication clearances. > > > Program Committee > > Chairs > David Basin (ETH Zurich) > Torsten Lodderstedt (YES Europe) > > Members > John Bradley (Ping Identity) > Ralf Küsters (University of Stuttgart) > Chris Mitchell (Royal Holloway University of London) Anthony Nadalin > (Microsoft) Nat Sakimura (Nomura Research Institute) Ralf Sasse (ETH > Zurich) Jörg Schwenk (Ruhr University Bochum) Hannes Tschofenig (IETF OAuth > Working Group Co-Chair) > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > > > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > -- Nat Sakimura Chairman of the Board, OpenID Foundation
- Re: [OAUTH-WG] Second OAuth Security Workshop (Ca… Torsten Lodderstedt
- Re: [OAUTH-WG] Second OAuth Security Workshop (Ca… Mike Jones
- Re: [OAUTH-WG] Second OAuth Security Workshop (Ca… Jim Manico
- [OAUTH-WG] Second OAuth Security Workshop (Call f… Torsten Lodderstedt
- Re: [OAUTH-WG] Second OAuth Security Workshop (Ca… Mike Jones
- Re: [OAUTH-WG] Second OAuth Security Workshop (Ca… Torsten Lodderstedt
- Re: [OAUTH-WG] Second OAuth Security Workshop (Ca… John Bradley
- Re: [OAUTH-WG] Second OAuth Security Workshop (Ca… Torsten Lodderstedt
- Re: [OAUTH-WG] Second OAuth Security Workshop (Ca… Torsten Lodderstedt
- Re: [OAUTH-WG] Second OAuth Security Workshop (Ca… Nat Sakimura