IETF Logo Mail Archive

Re: [OAUTH-WG] Call for agenda items

Nat Sakimura <sakimura@gmail.com> Tue, 06 March 2018 01:10 UTC

Return-Path: <sakimura@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5EB6B127601 for <oauth@ietfa.amsl.com>; Mon, 5 Mar 2018 17:10:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W-glcJom8eXC for <oauth@ietfa.amsl.com>; Mon, 5 Mar 2018 17:09:58 -0800 (PST)
Received: from mail-wm0-x234.google.com (mail-wm0-x234.google.com [IPv6:2a00:1450:400c:c09::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 691521241F5 for <oauth@ietf.org>; Mon, 5 Mar 2018 17:09:58 -0800 (PST)
Received: by mail-wm0-x234.google.com with SMTP id 139so19157189wmn.2 for <oauth@ietf.org>; Mon, 05 Mar 2018 17:09:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=lfxJbX6O+VKi7DS/r3PpVy6IwJN6D0393FMrOQTJW4U=; b=j8jOvT9J1PxZcyenAErto0cX6daH1eTRQKmpA8sNQTAde0txdr2OzFzWUydaKZ0CuD bPhAMcvVKDltOgHVjyWhXwz9WXrgWwbgtNGg+/KLaNUta4kC0b6l+cU/nMyKMYkBAktA DtUZBAkUb3UAVf9cXf6OcS4kz/pDfCqXKyCdlIWoGQPQy1DSHyWLHkzDMBjM0a5SkPN1 +7SmMgFR04nym7C6BZArQD3r98xl5CRCRwDWioAMZKhsEZgPSaLrWohW6eq6u0viCfpw JfktIwlg1hVsrEB7OzPrDen2xfLKIBqqBHsEcCPG1NlqFD7KrNf1PngtCM20ORa/SLDQ 9XRg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=lfxJbX6O+VKi7DS/r3PpVy6IwJN6D0393FMrOQTJW4U=; b=IihJu4WA9zOvrqYp7Q+gNkPAW7bUIL9iylXznf6UJL/2a9JXm4ztcon8yRzowKVVJ9 T7YNc0/O4lMUOgcAsh6CqL5YoMdMFnjbAqoPZnTYVMAti/SDWBAOko6NGMK7mtDGpPhO IRWxfiXFPOki5tNbozUl0H5be7iTY8MUKDdzt4/YcCFHtTdNKMG6ZNSedI+cJLuML2dg DppXpBE7B4yD4Zq7t4u7NiQa/8qsLxs7GX8BfXjvpMdyV3mRmyJ+Sdt7dd8H3QSrp0g6 T6oD/WTIfVVuD/SH8cCDbor9NuzJ5+8PGVJMJzSzzdJdltRaws+L5hOtxfpSrf/MV9op JMBw==
X-Gm-Message-State: AElRT7EQaqLw55TbkrdjvNbMZGsclZTyjGp6Hr2GhitvUCcpypWTAICH unAWfX1wLxqkTpDP6v5VK2DfNJKjix9k3ETROms=
X-Google-Smtp-Source: AG47ELvlqHkPnQnAIklk2RI/fuKnmC8Q+DNr9Z72iibIi8eO8YPU4YP9aoIJHQutlf1Fi6wyuPy/wv080hyfZn0oiYI=
X-Received: by 10.28.103.9 with SMTP id b9mr9259602wmc.32.1520298596771; Mon, 05 Mar 2018 17:09:56 -0800 (PST)
MIME-Version: 1.0
References: <AM4PR0801MB270614990E501071CDB3A2F9FAE40@AM4PR0801MB2706.eurprd08.prod.outlook.com> <CAAP42hAy8iFHDa9hQxNMxytiWjf=MyrCDRzZ4MjvRq8xi0+Baw@mail.gmail.com>
In-Reply-To: <CAAP42hAy8iFHDa9hQxNMxytiWjf=MyrCDRzZ4MjvRq8xi0+Baw@mail.gmail.com>
From: Nat Sakimura <sakimura@gmail.com>
Date: Tue, 06 Mar 2018 01:09:46 +0000
Message-ID: <CABzCy2DzJUL86MVTA9xL4Cpv4=ooZyZJ3N1QNS0QKvgr8DJHgA@mail.gmail.com>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, William Denniss <wdenniss@google.com>
Cc: oauth <oauth@ietf.org>, Brian Campbell <bcampbell@pingidentity.com>
Content-Type: multipart/alternative; boundary="001a114b2eced0315f0566b419b2"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/_j0rgxnLrQGjQX8ITRC8xxc6dUA>
Subject: Re: [OAUTH-WG] Call for agenda items
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Mar 2018 01:10:01 -0000

I would be interested in hearing that.

Also, as part of "Distributed OAuth", can we do a bit of re-cap on some of
the previous drafts on the similar topic as we discussed in the interim?
i.e., Brian's draft (where is the link now?) and my draft (
draft-sakimura-oauth-meta
<https://tools.ietf.org/id/draft-sakimura-oauth-meta-08.txt>)?

Best,

Nat

On Tue, Mar 6, 2018 at 3:30 AM William Denniss <wdenniss@google.com> wrote:

> Hannes & Rifaat,
>
> I would like the opportunity to present on OAuth 2.0 Incremental
> Authorization (draft-wdenniss-oauth-incremental-auth) [an update for which
> will be posted today] and "OAuth 2.0 Device Posture Signals"
> (draft-wdenniss-oauth-device-posture).
>
> I can also give an update on the status of Device Flow
> (draft-ietf-oauth-device-flow). I expect that to be short now that WGLC has
> concluded and the document has advanced.
>
> Little late to this thread and I see we already have 2 sessions in the
> draft agenda, but I'd like to add my support to keeping both sessions,
> there's always a lot to discuss and in the past we've been able to use any
> spare time to discuss the security topics of the day.
>
> Regards,
> William
>
>
>
>
> On Tue, Jan 30, 2018 at 4:40 AM Hannes Tschofenig <
> Hannes.Tschofenig@arm.com> wrote:
>
>> Hi all,
>>
>>
>>
>> It is time already to think about the agenda for the next IETF meeting.
>> Rifaat and I were wondering whether we need one or two sessions. We would
>> like to make the decision based on the topics we will discuss. Below you
>> can find a first version of the agenda with a few remarks. Let us know if
>> you have comments or suggestions for additional agenda items.
>>
>>
>>
>> Ciao
>> Hannes & Rifaat
>>
>>
>>
>> OAuth Agenda
>>
>> ------------
>>
>>
>>
>> - Welcome and Status Update  (Chairs)
>>
>>
>>
>>   * OAuth Security Workshop Report
>>
>>
>>
>>   * Documents in IESG processing
>>
>>      # draft-ietf-oauth-device-flow-07
>>
>>      # draft-ietf-oauth-discovery-08
>>
>>      # draft-ietf-oauth-jwsreq-15
>>
>>      # draft-ietf-oauth-token-exchange-11
>>
>>
>>
>>        Remark: Status updates only if needed.
>>
>>
>>
>> -  JSON Web Token Best Current Practices
>>
>>    # draft-ietf-oauth-jwt-bcp-00
>>
>>
>>
>>    Remark: We are lacking reviews on this document.
>>
>>    Most likely we will not get them during the f2f meeting
>>
>>    but rather by reaching out to individuals ahead of time.
>>
>>
>>
>> -  OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound
>> Access Tokens
>>
>>    # draft-ietf-oauth-mtls-06
>>
>>
>>
>>    Remark: Could be completed by the time of the IETF meeting.
>>
>>
>>
>> - OAuth Security Topics
>>
>>   # draft-ietf-oauth-security-topics-04
>>
>>
>>
>>   Remark: We could do a consensus call on parts of the document soon.
>>
>>
>>
>> - OAuth 2.0 Token Binding
>>
>>   # draft-ietf-oauth-token-binding-05
>>
>>
>>
>>   Remark: Document is moving along but we are lacking implementations.
>>
>>
>>
>> - OAuth 2.0 Device Posture Signals
>>
>>   # draft-wdenniss-oauth-device-posture-01
>>
>>
>>
>>   Remark: Interest in the work but we are lacking content (maybe even
>>
>>   expertise in the group)
>>
>>
>>
>> - Reciprocal OAuth
>>
>>   # draft-hardt-oauth-mutual-02
>>
>>
>>
>>   Remark: We had a virtual interim meeting on this topic and there is
>>
>>   interest in this work and apparently no competing solutions. The plan
>>
>>   is to run a call for adoption once we are allowed to add a new
>> milestone
>>
>>   to our charter.
>>
>>
>>
>> - Distributed OAuth
>>
>>   # draft-hardt-oauth-distributed-00
>>
>>
>>
>>   Remark: We had a virtual interim meeting on this topic and there is
>>
>>   interest in this work. Further work on the scope is needed.
>> IMPORTANT NOTICE: The contents of this email and any attachments are
>> confidential and may also be privileged. If you are not the intended
>> recipient, please notify the sender immediately and do not disclose the
>> contents to any other person, use it for any purpose, or store or copy the
>> information in any medium. Thank you.
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>
-- 

Nat Sakimura

Chairman of the Board, OpenID Foundation

v2.23.0 | Report a Bug | By Email