Re: [OAUTH-WG] Call for agenda items
Nat Sakimura <sakimura@gmail.com> Tue, 06 March 2018 01:10 UTC
Return-Path: <sakimura@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5EB6B127601 for <oauth@ietfa.amsl.com>; Mon, 5 Mar 2018 17:10:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W-glcJom8eXC for <oauth@ietfa.amsl.com>; Mon, 5 Mar 2018 17:09:58 -0800 (PST)
Received: from mail-wm0-x234.google.com (mail-wm0-x234.google.com [IPv6:2a00:1450:400c:c09::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 691521241F5 for <oauth@ietf.org>; Mon, 5 Mar 2018 17:09:58 -0800 (PST)
Received: by mail-wm0-x234.google.com with SMTP id 139so19157189wmn.2 for <oauth@ietf.org>; Mon, 05 Mar 2018 17:09:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=lfxJbX6O+VKi7DS/r3PpVy6IwJN6D0393FMrOQTJW4U=; b=j8jOvT9J1PxZcyenAErto0cX6daH1eTRQKmpA8sNQTAde0txdr2OzFzWUydaKZ0CuD bPhAMcvVKDltOgHVjyWhXwz9WXrgWwbgtNGg+/KLaNUta4kC0b6l+cU/nMyKMYkBAktA DtUZBAkUb3UAVf9cXf6OcS4kz/pDfCqXKyCdlIWoGQPQy1DSHyWLHkzDMBjM0a5SkPN1 +7SmMgFR04nym7C6BZArQD3r98xl5CRCRwDWioAMZKhsEZgPSaLrWohW6eq6u0viCfpw JfktIwlg1hVsrEB7OzPrDen2xfLKIBqqBHsEcCPG1NlqFD7KrNf1PngtCM20ORa/SLDQ 9XRg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=lfxJbX6O+VKi7DS/r3PpVy6IwJN6D0393FMrOQTJW4U=; b=IihJu4WA9zOvrqYp7Q+gNkPAW7bUIL9iylXznf6UJL/2a9JXm4ztcon8yRzowKVVJ9 T7YNc0/O4lMUOgcAsh6CqL5YoMdMFnjbAqoPZnTYVMAti/SDWBAOko6NGMK7mtDGpPhO IRWxfiXFPOki5tNbozUl0H5be7iTY8MUKDdzt4/YcCFHtTdNKMG6ZNSedI+cJLuML2dg DppXpBE7B4yD4Zq7t4u7NiQa/8qsLxs7GX8BfXjvpMdyV3mRmyJ+Sdt7dd8H3QSrp0g6 T6oD/WTIfVVuD/SH8cCDbor9NuzJ5+8PGVJMJzSzzdJdltRaws+L5hOtxfpSrf/MV9op JMBw==
X-Gm-Message-State: AElRT7EQaqLw55TbkrdjvNbMZGsclZTyjGp6Hr2GhitvUCcpypWTAICH unAWfX1wLxqkTpDP6v5VK2DfNJKjix9k3ETROms=
X-Google-Smtp-Source: AG47ELvlqHkPnQnAIklk2RI/fuKnmC8Q+DNr9Z72iibIi8eO8YPU4YP9aoIJHQutlf1Fi6wyuPy/wv080hyfZn0oiYI=
X-Received: by 10.28.103.9 with SMTP id b9mr9259602wmc.32.1520298596771; Mon, 05 Mar 2018 17:09:56 -0800 (PST)
MIME-Version: 1.0
References: <AM4PR0801MB270614990E501071CDB3A2F9FAE40@AM4PR0801MB2706.eurprd08.prod.outlook.com> <CAAP42hAy8iFHDa9hQxNMxytiWjf=MyrCDRzZ4MjvRq8xi0+Baw@mail.gmail.com>
In-Reply-To: <CAAP42hAy8iFHDa9hQxNMxytiWjf=MyrCDRzZ4MjvRq8xi0+Baw@mail.gmail.com>
From: Nat Sakimura <sakimura@gmail.com>
Date: Tue, 06 Mar 2018 01:09:46 +0000
Message-ID: <CABzCy2DzJUL86MVTA9xL4Cpv4=ooZyZJ3N1QNS0QKvgr8DJHgA@mail.gmail.com>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, William Denniss <wdenniss@google.com>
Cc: oauth <oauth@ietf.org>, Brian Campbell <bcampbell@pingidentity.com>
Content-Type: multipart/alternative; boundary="001a114b2eced0315f0566b419b2"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/_j0rgxnLrQGjQX8ITRC8xxc6dUA>
Subject: Re: [OAUTH-WG] Call for agenda items
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Mar 2018 01:10:01 -0000
I would be interested in hearing that. Also, as part of "Distributed OAuth", can we do a bit of re-cap on some of the previous drafts on the similar topic as we discussed in the interim? i.e., Brian's draft (where is the link now?) and my draft ( draft-sakimura-oauth-meta <https://tools.ietf.org/id/draft-sakimura-oauth-meta-08.txt>)? Best, Nat On Tue, Mar 6, 2018 at 3:30 AM William Denniss <wdenniss@google.com> wrote: > Hannes & Rifaat, > > I would like the opportunity to present on OAuth 2.0 Incremental > Authorization (draft-wdenniss-oauth-incremental-auth) [an update for which > will be posted today] and "OAuth 2.0 Device Posture Signals" > (draft-wdenniss-oauth-device-posture). > > I can also give an update on the status of Device Flow > (draft-ietf-oauth-device-flow). I expect that to be short now that WGLC has > concluded and the document has advanced. > > Little late to this thread and I see we already have 2 sessions in the > draft agenda, but I'd like to add my support to keeping both sessions, > there's always a lot to discuss and in the past we've been able to use any > spare time to discuss the security topics of the day. > > Regards, > William > > > > > On Tue, Jan 30, 2018 at 4:40 AM Hannes Tschofenig < > Hannes.Tschofenig@arm.com> wrote: > >> Hi all, >> >> >> >> It is time already to think about the agenda for the next IETF meeting. >> Rifaat and I were wondering whether we need one or two sessions. We would >> like to make the decision based on the topics we will discuss. Below you >> can find a first version of the agenda with a few remarks. Let us know if >> you have comments or suggestions for additional agenda items. >> >> >> >> Ciao >> Hannes & Rifaat >> >> >> >> OAuth Agenda >> >> ------------ >> >> >> >> - Welcome and Status Update (Chairs) >> >> >> >> * OAuth Security Workshop Report >> >> >> >> * Documents in IESG processing >> >> # draft-ietf-oauth-device-flow-07 >> >> # draft-ietf-oauth-discovery-08 >> >> # draft-ietf-oauth-jwsreq-15 >> >> # draft-ietf-oauth-token-exchange-11 >> >> >> >> Remark: Status updates only if needed. >> >> >> >> - JSON Web Token Best Current Practices >> >> # draft-ietf-oauth-jwt-bcp-00 >> >> >> >> Remark: We are lacking reviews on this document. >> >> Most likely we will not get them during the f2f meeting >> >> but rather by reaching out to individuals ahead of time. >> >> >> >> - OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound >> Access Tokens >> >> # draft-ietf-oauth-mtls-06 >> >> >> >> Remark: Could be completed by the time of the IETF meeting. >> >> >> >> - OAuth Security Topics >> >> # draft-ietf-oauth-security-topics-04 >> >> >> >> Remark: We could do a consensus call on parts of the document soon. >> >> >> >> - OAuth 2.0 Token Binding >> >> # draft-ietf-oauth-token-binding-05 >> >> >> >> Remark: Document is moving along but we are lacking implementations. >> >> >> >> - OAuth 2.0 Device Posture Signals >> >> # draft-wdenniss-oauth-device-posture-01 >> >> >> >> Remark: Interest in the work but we are lacking content (maybe even >> >> expertise in the group) >> >> >> >> - Reciprocal OAuth >> >> # draft-hardt-oauth-mutual-02 >> >> >> >> Remark: We had a virtual interim meeting on this topic and there is >> >> interest in this work and apparently no competing solutions. The plan >> >> is to run a call for adoption once we are allowed to add a new >> milestone >> >> to our charter. >> >> >> >> - Distributed OAuth >> >> # draft-hardt-oauth-distributed-00 >> >> >> >> Remark: We had a virtual interim meeting on this topic and there is >> >> interest in this work. Further work on the scope is needed. >> IMPORTANT NOTICE: The contents of this email and any attachments are >> confidential and may also be privileged. If you are not the intended >> recipient, please notify the sender immediately and do not disclose the >> contents to any other person, use it for any purpose, or store or copy the >> information in any medium. Thank you. >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > -- Nat Sakimura Chairman of the Board, OpenID Foundation
- [OAUTH-WG] Call for agenda items Hannes Tschofenig
- Re: [OAUTH-WG] Call for agenda items William Denniss
- Re: [OAUTH-WG] Call for agenda items Mike Jones
- Re: [OAUTH-WG] Call for agenda items Nat Sakimura
- Re: [OAUTH-WG] Call for agenda items Rifaat Shekh-Yusef
- Re: [OAUTH-WG] Call for agenda items Hannes Tschofenig
- Re: [OAUTH-WG] Call for agenda items Brian Campbell
- Re: [OAUTH-WG] Call for agenda items n-sakimura
- Re: [OAUTH-WG] Call for agenda items Rifaat Shekh-Yusef
- Re: [OAUTH-WG] Call for agenda items n-sakimura
- Re: [OAUTH-WG] Call for agenda items Dick Hardt
- Re: [OAUTH-WG] Call for agenda items n-sakimura
- Re: [OAUTH-WG] Call for agenda items Dick Hardt
- Re: [OAUTH-WG] Call for agenda items Hannes Tschofenig
- Re: [OAUTH-WG] Call for agenda items Dick Hardt
- Re: [OAUTH-WG] Call for agenda items Hannes Tschofenig
- Re: [OAUTH-WG] Call for agenda items Dick Hardt
- Re: [OAUTH-WG] Call for agenda items Hannes Tschofenig
- Re: [OAUTH-WG] Call for agenda items Dick Hardt