Re: [oauth] OAUTH Charter Proposal
"Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com> Mon, 02 February 2009 07:00 UTC
Return-Path: <oauth-bounces@ietf.org>
X-Original-To: oauth-archive@ietf.org
Delivered-To: ietfarch-oauth-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6A7EA3A6870; Sun, 1 Feb 2009 23:00:21 -0800 (PST)
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D4CFF3A6870 for <oauth@core3.amsl.com>; Sun, 1 Feb 2009 23:00:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.614
X-Spam-Level:
X-Spam-Status: No, score=-3.614 tagged_above=-999 required=5 tests=[AWL=-1.015, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f67qSs5njUXC for <oauth@core3.amsl.com>; Sun, 1 Feb 2009 23:00:19 -0800 (PST)
Received: from demumfd002.nsn-inter.net (demumfd002.nsn-inter.net [217.115.75.234]) by core3.amsl.com (Postfix) with ESMTP id CE5713A63D2 for <oauth@ietf.org>; Sun, 1 Feb 2009 23:00:15 -0800 (PST)
Received: from demuprx017.emea.nsn-intra.net ([10.150.129.56]) by demumfd002.nsn-inter.net (8.12.11.20060308/8.12.11) with ESMTP id n126xt0g011498 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for <oauth@ietf.org>; Mon, 2 Feb 2009 07:59:55 +0100
Received: from demuexc024.nsn-intra.net (demuexc024.nsn-intra.net [10.159.32.11]) by demuprx017.emea.nsn-intra.net (8.12.11.20060308/8.12.11) with ESMTP id n126xt8h013568 for <oauth@ietf.org>; Mon, 2 Feb 2009 07:59:55 +0100
Received: from FIESEXC015.nsn-intra.net ([10.159.0.23]) by demuexc024.nsn-intra.net with Microsoft SMTPSVC(6.0.3790.3959); Mon, 2 Feb 2009 07:59:54 +0100
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Mon, 02 Feb 2009 09:00:39 +0200
Message-ID: <3D3C75174CB95F42AD6BCC56E5555B45FFEE62@FIESEXC015.nsn-intra.net>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Re: [oauth] OAUTH Charter Proposal
Thread-Index: AcmFA/TGyhpZcEERTZ2O37rALUIGkw==
From: "Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com>
To: oauth@ietf.org
X-OriginalArrivalTime: 02 Feb 2009 06:59:54.0832 (UTC) FILETIME=[DA298500:01C98503]
Subject: Re: [oauth] OAUTH Charter Proposal
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Oauth bof discussion <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: oauth-bounces@ietf.org
Errors-To: oauth-bounces@ietf.org
Hi Chris, First, small typo: "OAuth consist of:" should be "OAuth consists of:" [hannes] Thanks. Fixed. Second, w/r/t to this: Furthermore, Oauth 1.0 defines three signature methods used to protect requests, namely PLAINTEXT, HMAC-SHA1, and RSA-SHA1. The group will work on new signature methods in case the existing mechanisms do not fulfill the security requirements. Where are the "security requirements" coming from? Are these defined separately? Whose are they? [hannes] I think a pragmatic approach is sensible here: a document that describes a new mechanism might want to say what requirements guided the solution and thereby provide some motivation. I was not thinking of an independent requirements document. I don't think that it is well spent time. Ciao Hannes Chris _______________________________________________ oauth mailing list oauth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
- Re: [oauth] OAUTH Charter Proposal James Aylett
- [oauth] OAUTH Charter Proposal Hannes Tschofenig
- Re: [oauth] OAUTH Charter Proposal Blaine Cook
- Re: [oauth] OAUTH Charter Proposal Hannes Tschofenig
- Re: [oauth] OAUTH Charter Proposal Eran Hammer-Lahav
- Re: [oauth] OAUTH Charter Proposal Krishna Sankar
- Re: [oauth] OAUTH Charter Proposal Hannes Tschofenig
- Re: [oauth] OAUTH Charter Proposal Krishna Sankar
- Re: [oauth] OAUTH Charter Proposal Hannes Tschofenig
- Re: [oauth] OAUTH Charter Proposal Krishna Sankar
- Re: [oauth] OAUTH Charter Proposal Chris Messina
- Re: [oauth] OAUTH Charter Proposal Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [oauth] OAUTH Charter Proposal Chris Messina
- Re: [oauth] OAUTH Charter Proposal Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [oauth] OAUTH Charter Proposal George Fletcher
- Re: [oauth] OAUTH Charter Proposal Hubert Le Van Gong
- Re: [oauth] OAUTH Charter Proposal Hannes Tschofenig
- Re: [oauth] OAUTH Charter Proposal Hannes Tschofenig
- Re: [oauth] OAUTH Charter Proposal Hubert Le Van Gong
- Re: [oauth] OAUTH Charter Proposal Eran Hammer-Lahav
- Re: [oauth] OAUTH Charter Proposal Blaine Cook
- Re: [oauth] OAUTH Charter Proposal Eran Hammer-Lahav
- Re: [oauth] OAUTH Charter Proposal kellan
- Re: [oauth] OAUTH Charter Proposal John Kemp
- Re: [oauth] OAUTH Charter Proposal Blaine Cook
- Re: [oauth] OAUTH Charter Proposal George Fletcher
- Re: [oauth] OAUTH Charter Proposal Lisa Dusseault
- Re: [oauth] OAUTH Charter Proposal Eran Hammer-Lahav
- Re: [oauth] OAUTH Charter Proposal Hallam-Baker, Phillip
- Re: [oauth] OAUTH Charter Proposal Bill de hOra
- Re: [oauth] OAUTH Charter Proposal Joseph A Holsten
- Re: [oauth] OAUTH Charter Proposal Hannes Tschofenig