[OAUTH-WG] 3rd OAuth Security Workshop (OSW 2018)
Hannes Tschofenig <Hannes.Tschofenig@arm.com> Thu, 14 December 2017 09:00 UTC
Return-Path: <Hannes.Tschofenig@arm.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 40AE51275C5 for <oauth@ietfa.amsl.com>; Thu, 14 Dec 2017 01:00:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.91
X-Spam-Level:
X-Spam-Status: No, score=-2.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=-1, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YG9X2wM9mzYQ for <oauth@ietfa.amsl.com>; Thu, 14 Dec 2017 01:00:10 -0800 (PST)
Received: from EUR03-DB5-obe.outbound.protection.outlook.com (mail-eopbgr40068.outbound.protection.outlook.com [40.107.4.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8CA00120046 for <oauth@ietf.org>; Thu, 14 Dec 2017 01:00:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector1-arm-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=oIMuHVPA0xuM1jfUfXUtrqjwLEc1DowjcN/+9T0xGE4=; b=MqfK0FcWq7rYVp9sTUzDCnw74Ej88EL2OEPzkOxJ9u2qD9OnJEeLV16Sbjy09+bkgqVavEHA8xIIdzW8qdR3nW4lFQQZ3tXEpO35kFK+s3H/UlxmyPAO9se6cFruCO6Ueo/cqJiWLNZexdoFUlonvPbIPriZOKt3kCprZUNHn2c=
Received: from AM4PR0801MB2706.eurprd08.prod.outlook.com (10.167.90.148) by AM4PR0801MB2706.eurprd08.prod.outlook.com (10.167.90.148) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.302.9; Thu, 14 Dec 2017 09:00:06 +0000
Received: from AM4PR0801MB2706.eurprd08.prod.outlook.com ([fe80::b9af:5048:9d97:f7e6]) by AM4PR0801MB2706.eurprd08.prod.outlook.com ([fe80::b9af:5048:9d97:f7e6%14]) with mapi id 15.20.0302.013; Thu, 14 Dec 2017 09:00:06 +0000
From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: 3rd OAuth Security Workshop (OSW 2018)
Thread-Index: AdN0uB/T+4wdQKrgRbablUGaZSSlWQ==
Date: Thu, 14 Dec 2017 09:00:06 +0000
Message-ID: <AM4PR0801MB2706C980A7AA6280E664DDFCFA0A0@AM4PR0801MB2706.eurprd08.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Hannes.Tschofenig@arm.com;
x-originating-ip: [80.92.123.79]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; AM4PR0801MB2706; 6:W7cQ/zPt1d8jevzEc7gvaPJtrw/kxco+Uwn+vtyS2OzJ1Z+1mNVjmQcqkDmeIXi0Zt8om2gr5Z3x5A+nTfZnaxmacWB7YYl6KoxWv9kVtD1ZtPUO1SoF6BWhfaVlsALSuNUbSG5mugm3SVgwG3faf54gZE+sPqGpJiCpLDuP54aFiu25E38jq95gmSSbUe+qoF2yAC51odfXLVhrPZDfwFG0wz1k7CdxwyK9k7JVMvyAdtgxaZ/TBUXuGWi443w8nNtlzDxCwR5+QuUJevhCKyi7sr031LmYeUgUC+oHu5z0vEaUzAqVk6M5LavxoUNIWh/espBdnwx+ShcxiCwKgOHuMTWepPQgVbdY8wLZ7pw=; 5:iGjswIIuhCceULOO2AEgfO42KxfutC9oHRMK9sOIZZ+2ezbeBJWKJFZbb/YcXkRXktrXCwjVdiz8JJpxK3bf3EI8ioM7+q7Q0mQ9pPyE9c+MC7Q44Cp85GMfoOKzOK8DCC6Z9XMOrnpKmaO+6xTRAa5Lla8t9K40Nz3VTB30Xs4=; 24:ARwCNJS9hviUr5ndtKi+iTJiofXhBoWlrkmJvaqaFJr8On5HPCuzSIlqg5+7s31g6gbhd/NernJblViIe2Wmc+CXT9aQrt35u5zdEV72b8A=; 7:fGAA/nAWs1cMgRe5dIfnBRRpMF/hgwJhNMD3AsipXJDiFMP2msTWwoOvjb3VUs8eLFZjYXomgM7ziGdr4I0LqeREZoE2yWP0BeY6VRksB3dCrGRH/TPPcil7XWf5vU7hym5fujQWuUkNXolBGiIBx5s5dEXxlqW7B5cQxUTJCk/YmKZkcrEAjZyydxntmJFgOdaa6aIDm4J1D+9GUXStXW5o2POOQG+mNHbWvmdDSqmxMsflYV+W06Hsc0vJ4hcX
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 94c62612-3faf-43dd-316b-08d542d11286
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(48565401081)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(5600026)(4604075)(2017052603307); SRVR:AM4PR0801MB2706;
x-ms-traffictypediagnostic: AM4PR0801MB2706:
x-microsoft-antispam-prvs: <AM4PR0801MB27069A1ED68561BA4C4C4577FA0A0@AM4PR0801MB2706.eurprd08.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(209352067349851)(192374486261705)(21532816269658);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040450)(2401047)(5005006)(8121501046)(3231023)(93006095)(93001095)(3002001)(10201501046)(6055026)(6041248)(20161123558100)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123555025)(20161123560025)(20161123564025)(20161123562025)(6072148)(201708071742011); SRVR:AM4PR0801MB2706; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:AM4PR0801MB2706;
x-forefront-prvs: 05214FD68E
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(376002)(39860400002)(346002)(396003)(366004)(199004)(189003)(53754006)(28244002)(40434004)(81156014)(15650500001)(7736002)(74316002)(33656002)(2900100001)(561944003)(66066001)(81166006)(2906002)(8676002)(305945005)(99286004)(102836003)(6436002)(3846002)(9686003)(5640700003)(1730700003)(53936002)(55016002)(106356001)(5890100001)(2501003)(5250100002)(2351001)(6116002)(6306002)(105586002)(59450400001)(3660700001)(7696005)(3280700002)(8936002)(86362001)(316002)(14454004)(5660300001)(6916009)(25786009)(478600001)(97736004)(966005)(72206003)(4743002)(68736007)(6506007)(45080400002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM4PR0801MB2706; H:AM4PR0801MB2706.eurprd08.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 94c62612-3faf-43dd-316b-08d542d11286
X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Dec 2017 09:00:06.8238 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR0801MB2706
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/_asIJGA659btCn9QeAH3PSDKVyM>
Subject: [OAUTH-WG] 3rd OAuth Security Workshop (OSW 2018)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Dec 2017 09:00:17 -0000
Hi all, at the Singapore IETF meeting I announced the next OAuth security workshop and provided a link to the website at during the introduction of the OAuth WG meeting. Below is the call for papers and tutorials. Please keep the deadline (January 19, 2018) in mind. The workshop takes place the week before the London IETF meeting. We would appreciate your input and contributions since this is our primary way to reach out to the research community. Ciao Hannes & Rifaat Call for Position Papers and Tutorials ============================ Third OAuth Security Workshop (OSW 2018) Fondazione Bruno Kessler Trento, Italy March 14-16, 2018 Workshop website: https://st.fbk.eu/osw2018 == About OSW 2018 == The OAuth Security Workshop (OSW) aim is to improve the security of OAuth and related Internet protocols by a direct exchange of views between academic researchers, IETF OAuth Working Group members and industry. The workshop is hosted by the Security and Trust research unit of the Bruno Kessler Foundation (FBK). While the standardization process of OAuth ensures extensive reviews (both security and non-security related), further analysis by security experts from academia and industry is essential to ensure high quality specifications. Contributions to this workshop can help to improve the security of the Web and the Internet. == Scope and Topics == We seek position papers related to OAuth, OpenID Connect, and other technologies using OAuth under the hood. Contributions regarding technologies that are used in OAuth, such as JOSE, or impact the security of OAuth, such as Web technology, are also welcome. Areas of interest where OAuth can be used as enabler of innovative scenarios include: - IoT, SmartCities and Industry 4.0. - Mobile and Strong authentication. - Federated Identity. - Privacy-enhancing technologies. == Important Dates == - Position paper and Tutorial submission deadline: January 19, 2018 (AoE, UTC-12). - Author notification: February 5, 2018 - Workshop: Wed, March 14, 2018 (half-day), Thu, March 15, 2018 (full-day), and Fri, March 16, 2018 (half day) == Submissions == We solicit position papers that highlight challenges and lesson-learned from OAuth-based work. As all papers and presentations will be shared online without formal proceedings, we accept different kinds of submissions: from original contributions to already published or preliminary works. Submissions must be in PDF format and should feature reasonable margins and formatting. There is no page limit, but the submission should be brief (ideally not more than 3-5 pages). Submissions should not be anonymized. Authors of accepted papers will have the option to revise their papers before they are put online. One of the authors of the accepted position paper is expected to present the paper at the workshop. The workshop will host a half-day (March 14, 2018) tutorial program. Each tutorial proposal should concisely describe the content and objectives of the tutorial, and include: - title - abstract - outline of the tutorial content - intended audience, including possible assumed background of attendees - name, affiliation, email address, and brief biography of the speaker(s) - duration: 1 hour or 2 hours Tutorial proposals should be submitted as a PDF file. Submissions should be distinguished by the prefix "Tutorial:" in the title. Submission Website: https://easychair.org/conferences/?conf=osw2018 == IPR Policy == The workshop will have no expectation of IPR disclosure or licensing related to its submissions. Authors are responsible for obtaining appropriate publication clearances. == Workshop Chair == - Silvio Ranise (Security & Trust, Fondazione Bruno Kessler) == Program Committee == Chairs - Roberto Carbone (Security & Trust, Fondazione Bruno Kessler) - Hannes Tschofenig (IETF OAuth Working Group Co-Chair) Members - Michael Jones (Microsoft) - Ralf Kuesters (University of Stuttgart) - Torsten Lodderstedt (YES Europe AG) - Chris Mitchell (Royal Holloway, University of London) - Anthony Nadalin (Microsoft) - Nat Sakimura (Nomura Research Institute) - Antonio Sanso (Adobe) - Ralf Sasse (ETH Zurich) - Joerg Schwenk (Ruhr-Universität Bochum) - Giada Sciarretta (Security & Trust, Fondazione Bruno Kessler and Univ. of Trento) == Conference site and contacts == For more detailed information please refer to the workshop web site: https://st.fbk.eu/osw2018 If you have any questions on OSW18, please contact carbone [at] fbk [dot] eu, giada.sciarretta [at] fbk [dot] eu IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
- [OAUTH-WG] 3rd OAuth Security Workshop (OSW 2018) Hannes Tschofenig