[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Repository Activity Summary Bot <do_not_reply@mnot.net> Sun, 04 August 2024 07:39 UTC

Return-Path: <do_not_reply@mnot.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 189EAC16940E for <oauth@ietfa.amsl.com>; Sun, 4 Aug 2024 00:39:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.707
X-Spam-Level:
X-Spam-Status: No, score=-6.707 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=mnot.net header.b="HcHhM0zn"; dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=messagingengine.com header.b="GcApxWRF"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vd6kcI6mGKQN for <oauth@ietfa.amsl.com>; Sun, 4 Aug 2024 00:39:48 -0700 (PDT)
Received: from fout8-smtp.messagingengine.com (fout8-smtp.messagingengine.com [103.168.172.151]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 94196C16943C for <oauth@ietf.org>; Sun, 4 Aug 2024 00:39:48 -0700 (PDT)
Received: from compute7.internal (compute7.nyi.internal [10.202.2.48]) by mailfout.nyi.internal (Postfix) with ESMTP id C34CC138FC89 for <oauth@ietf.org>; Sun, 4 Aug 2024 03:39:47 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute7.internal (MEProxy); Sun, 04 Aug 2024 03:39:47 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :content-type:content-type:date:from:from:in-reply-to :mime-version:reply-to:subject:subject:to:to; s=fm1; t= 1722757187; x=1722843587; bh=GgN92xmKL8wXS2ZooGlYwapSfVOVBoU6owY YHXCDkr4=; b=HcHhM0zn1JmVxVktZi40CG5R4feXKeD/y8rSbgMaFEm9lgYpggq QUpckiPN5125gPQdKfOUWSBPFQHOEY/yiw1r01vbdN5iytqLl8PTA/tVSTgBYDFH +a/huqhrNXW2RgFWolyPiJAetqpY2FrudJY0xnpOx0KrZzO7dYv1T1hox2okJG+f iz1Xhddvgg9KzGTKW2PTTHbdnC5NMwi0MNIpSLxnCfo/f/gSBAKkS5aV8RcFzpl5 dwyPcni2lZKXUap6sgKonSGIDupzqSUwhxry46+VzF8YhLgRRUT4OE3WyqJt6f6n yCrvXYYzJk6wcfeXwDfxnrLQOEW3avQwX3g==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date :feedback-id:feedback-id:from:from:in-reply-to:mime-version :reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1722757187; x= 1722843587; bh=GgN92xmKL8wXS2ZooGlYwapSfVOVBoU6owYYHXCDkr4=; b=G cApxWRF8yAFGqU30br92sMmYA27OYGHamxDCWVLBgMLWzoJHIa3A639Sy82CVQ78 BSxp08UKmIlU3L7h76CbxGMM5NPmDdgag89d78lauac30Kl4SzaAXiqLblF/28bU 6lGzSMg/5pjfYIimZvUys94SQ4RD9exzYBp0w3qPwgfDyawJa7u0S2VKx4/+C7j9 N5Xrf//d0h6fOJ6qd4DKHuzCWVremLt52hKX88x8Ek0UEdnzXKAziwNddZ3kEgHT uXeXGUCNYKi41QlZKxo/OnAAWH6pxoYZGpdafq9WIEWctUAf02Wa5+be+polsWCY aZ4dEFZ+6BODRBgDjzLYQ==
X-ME-Sender: <xms:QzCvZtvXqA1poEHCHXOJddvWp98MM5JN7zky4Gb2akeNRvR96FXFKw> <xme:QzCvZmfGrLISvk80eSN0tU2Hb_9H9WhGzu4somkPLNuly9Md4tp8Lq2ucx4o-KY9z 8Nsg3BmfS5S_Rl5IQ>
X-ME-Received: <xmr:QzCvZgxcJX4Y-Y-LJHZ_fxQm5eUgM6s81uIpCyoa7_07tv516yD6wMLWzr0LpWKZZa4RLbseQdLcTMtmHjgRUxTDaE-SwnvFHmJGXMFbBwDsFKb26CZXLQMm9R3HtRg0zMv8pA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrkeefgdduvdehucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucfpohcuuggrthgvuchfihgvlhguucdlgeelmdenuc fjughrpegtggfhvffusegrtddtredttdejnecuhfhrohhmpeftvghpohhsihhtohhrhicu tegtthhivhhithihucfuuhhmmhgrrhihuceuohhtuceoughopghnohhtpghrvghplhihse hmnhhothdrnhgvtheqnecuggftrfgrthhtvghrnhepkeefvdduteejvdefkeehieevuefg fefhteetveegffekffefteffvdelheduieetnecuffhomhgrihhnpehgihhthhhusgdrtg homhenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpegu ohgpnhhothgprhgvphhlhiesmhhnohhtrdhnvghtpdhnsggprhgtphhtthhopedt
X-ME-Proxy: <xmx:QzCvZkNljs4dqEbBZOIcKEKW33WK6KbL-LsS3U4Wx7VIdC5V4diKfg> <xmx:QzCvZt8To5EUr667QcYIoTSX-2bESsK5aWz97xi0kZh9x_Eh3o_ZYw> <xmx:QzCvZkVsxLo2QuUpk7R29c8IjmijUpnha-AB7zDNnLugafbukdiWrg> <xmx:QzCvZueoIRdvf4y55v4MAB-fBVeBl83rzr3mh7v01sBXHIDKPH3S9w> <xmx:QzCvZvIdYyyU9cvaOBCWtS9QmBdYZiE2zjheUIUkCrsFl-XNi-E7hvkc>
Feedback-ID: i1c3946f2:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <oauth@ietf.org>; Sun, 4 Aug 2024 03:39:47 -0400 (EDT)
Content-Type: multipart/alternative; boundary="===============8472573365295619694=="
MIME-Version: 1.0
From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: oauth@ietf.org
Message-Id: <20240804073948.94196C16943C@ietfa.amsl.com>
Date: Sun, 04 Aug 2024 00:39:48 -0700
Message-ID-Hash: IRSWZ3QBMCOFONXNJBVERFZUCUIPC66A
X-Message-ID-Hash: IRSWZ3QBMCOFONXNJBVERFZUCUIPC66A
X-MailFrom: do_not_reply@mnot.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [OAUTH-WG] Weekly github digest (OAuth Activity Summary)
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/YfuK4fwV8G5yBA6l-rAvlSwWdSs>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>



Events without label "editorial"

Issues
------
* oauth-wg/oauth-identity-chaining (+2/-0/šŸ’¬0)
  2 issues created:
  - Security consideration for id_chaining (by PieterKas)
    https://github.com/oauth-wg/oauth-identity-chaining/issues/93 
  - Single hop "federation" (by arndt-s)
    https://github.com/oauth-wg/oauth-identity-chaining/issues/92 

* oauth-wg/oauth-transaction-tokens (+0/-0/šŸ’¬3)
  2 issues received 3 new comments:
  - #119 Azd claim name conflict with RAR (2 by bc-pi)
    https://github.com/oauth-wg/oauth-transaction-tokens/issues/119 
  - #111 Batch or long running processes and extending lifetime of a token (1 by ashayraut)
    https://github.com/oauth-wg/oauth-transaction-tokens/issues/111 

* oauth-wg/oauth-sd-jwt-vc (+0/-2/šŸ’¬15)
  7 issues received 15 new comments:
  - #250 Drop all references to DIDs and DID resolution (8 by bc-pi, decentralgabe, peacekeeper, ssanchocanela)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/250 
  - #249 Suggestion: Should this spec be more open to multiple Credential formats? [W3C Verifiable Credentials 2.0] (2 by bc-pi, goncalo-frade-iohk)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/249 [pending close] 
  - #245 Ambiguity what should happen when no `kid` parameter is present in header when DID is used as `iss` value (1 by decentralgabe)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/245 
  - #242 Add 'vct' in well-known registry (1 by bc-pi)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/242 
  - #241 Claim 'vct' is missing in Type Metadata Format (1 by bc-pi)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/241 
  - #171 How to choose `type` values for your credential format? (1 by danielfett)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/171 
  - #116 Need a way to define confidence or assurance levels (1 by danielfett)
    https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/116 [discuss] 

  2 issues closed:
  - How to choose `type` values for your credential format? https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/171 
  - Need a way to define confidence or assurance levels https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/116 [discuss] 

* oauth-wg/oauth-selective-disclosure-jwt (+0/-0/šŸ’¬2)
  2 issues received 2 new comments:
  - #443 Give "JSON document of the SD-JWT processing and verification algorithm" a name (1 by selfissued)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/443 
  - #439 burn the burning of private keys   (1 by selfissued)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/439 [discuss-first] 

* oauth-wg/draft-ietf-oauth-status-list (+1/-0/šŸ’¬0)
  1 issues created:
  - Easy way to debug a Status List (by paulbastian)
    https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/157 



Pull requests
-------------
* oauth-wg/oauth-selective-disclosure-jwt (+4/-2/šŸ’¬0)
  4 pull requests submitted:
  - Strengthen privacy considerations (by wbl)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/448 
  - Fix typo: unlinkablility -> unlinkability (by dalebowie)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/447 
  - Clarification on composition of SD-JWT+KB (by danielfett)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/446 
  - Removed duplicate "the" (by dalebowie)
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/445 

  2 pull requests merged:
  - Fix typo: unlinkablility -> unlinkability
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/447 
  - Removed duplicate "the"
    https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/445 

* oauth-wg/oauth-v2-1 (+1/-0/šŸ’¬0)
  1 pull requests submitted:
  - fix: typos (by grjan7)
    https://github.com/oauth-wg/oauth-v2-1/pull/185 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1
* https://github.com/oauth-wg/draft-ietf-oauth-status-list
* https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth