Re: [OAUTH-WG] DPoP - Implementations

Dario Savarese Agilitas Europe <dario.savarese@agilitaseurope.com> Thu, 25 August 2022 08:34 UTC

To: Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com>
Cc: oauth <oauth@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/Xpxd8I65id3T9V_NaAH8R2imkpI>

Hi Rifaat,
This is Dario from the European Anti-Fraud Office
<https://anti-fraud.ec.europa.eu/index_en> (aka OLAF).
Here in Brussels, along with my esteemed colleagues Pedro and Frederic,
we defined a B2B solution for private clients based on the DPoP draft
version 03.
The solution describes the behavior of the Relying Party and the Resource
Server.
We implemented both RP and RS in Java, extending the Spring Framework to add
the functionalities we need.

The Relying Party B2B specification has already been implemented by several
member states too.

Attached you can find an excerpt from the documentation we send to the
member states who are willing to interact with our system.
The second chapter of this document highlights a few differences
from the DPoP draft due to limitations of the AS currently used.

We are glad we could rely on this draft to improve the security of our
solution and we are looking forward to this becoming an RFC.
We would like to introduce DPoP in our SPA(s) too; this will be under
discussion in the coming months.

Feel free to contact me or my colleagues for more details:

SAVARESE Dario (OLAF-EXT) Dario.SAVARESE@ext.ec.europa.eu
DO VALE Pedro (OLAF-EXT) Pedro.DIAS-DO-VALE@ext.ec.europa.eu
POELS Frederic (OLAF) Frederic.POELS@ec.europa.eu

Cordialement - Beste Groeten - Kind Regards

*Dario Savarese*
*Chief Executive Officer*

dario.savarese@agilitaseurope.com
0032 483 59 24 15

*Agilitas Europe SRL*
*Rue Wiertz 4*
*1050 Bruxelles*


On Fri, 12 Aug 2022 at 14:15, Rifaat Shekh-Yusef <
rifaat.s.ietf@gmail.com> wrote:

> Thank you all for these implementation details!
>
>
>
> On Thu, Aug 11, 2022 at 1:50 PM Vladimir Dzhuvinov <
> vladimir@connect2id.com> wrote:
>
>> Hello Rifaat,
>>
>> We are very pleased with DPoP and hope to see more people using it in
>> future.
>>
>> DPoP in the OSS Nimbus OAuth 2.0 / OIDC Java SDK:
>>
>>
>> https://connect2id.com/products/nimbus-oauth-openid-connect-sdk/examples/oauth/dpop
>>
>> In the c2id server:
>>
>> https://connect2id.com/products/server/docs/datasheet#dpop
>>
>> Vladimir Dzhuvinov
>>
>> On 11/08/2022 00:39, Rifaat Shekh-Yusef wrote:
>>
>> All,
>>
>> As part of the shepherd write-up for the *DPoP* document, we are looking
>> for information about implementations of this draft.
>> https://datatracker.ietf.org/doc/draft-ietf-oauth-dpop/
>>
>> Please, reply to this email on the mailing list with any
>> implementations that you are aware of to support this document.
>>
>> Regards,
>>  Rifaat & Hannes
>>
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>>