IETF Logo Mail Archive

Re: [OAUTH-WG] Implementing MAC bearer

William Mills <wmills@yahoo-inc.com> Thu, 09 February 2012 10:46 UTC

Return-Path: <wmills@yahoo-inc.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D81721F86AB for <oauth@ietfa.amsl.com>; Thu, 9 Feb 2012 02:46:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.381
X-Spam-Level:
X-Spam-Status: No, score=-17.381 tagged_above=-999 required=5 tests=[AWL=0.217, BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_DEF_WHITELIST=-15]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SRPW8QfYOl64 for <oauth@ietfa.amsl.com>; Thu, 9 Feb 2012 02:46:49 -0800 (PST)
Received: from nm2.bullet.mail.ac4.yahoo.com (nm2.bullet.mail.ac4.yahoo.com [98.139.52.199]) by ietfa.amsl.com (Postfix) with SMTP id 3126E21F8699 for <oauth@ietf.org>; Thu, 9 Feb 2012 02:46:48 -0800 (PST)
Received: from [98.139.52.196] by nm2.bullet.mail.ac4.yahoo.com with NNFMP; 09 Feb 2012 10:46:46 -0000
Received: from [98.139.52.136] by tm9.bullet.mail.ac4.yahoo.com with NNFMP; 09 Feb 2012 10:46:46 -0000
Received: from [127.0.0.1] by omp1019.mail.ac4.yahoo.com with NNFMP; 09 Feb 2012 10:46:45 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 991326.9016.bm@omp1019.mail.ac4.yahoo.com
Received: (qmail 9206 invoked by uid 60001); 9 Feb 2012 10:46:45 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo-inc.com; s=ginc1024; t=1328784405; bh=wlwVu3XiNj7s3gi6AGLahANqoCXp/pwq1hOg9XFALsY=; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=NyyBKZ3sAlOceRH23jmG4xcyEitVPUW4dUWXgDndhEi4pPMFRDLQrFS3+4X5rzanzav0XOfGCvtC6Kgwe6sfixmIjserUCFfzKJhx8cXDpe0i0opj9pV+Wa7TDX81dh9ykb5ImCEYM8uN8pvwxw6ainRq6Q/qQFdmV3uToMuVI0=
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=ginc1024; d=yahoo-inc.com; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=ULDDRItVqxZ0PUKebHayRNufwOmNzjpyHRJkYWXSZr5jzBbXMGy8AYtWzHzSrZNBQmpxKWNnjjtNkT7TsTHox+zmfoOvZatQQzXv/JlGkGwbiJFyIWrjhYabw1+jxmQ7Rs4LTVEO/Mk3I+t2K/TGVTtoF85w+767XR9DZNKQ12A=;
X-YMail-OSG: oh6bg94VM1kD5hJt_P0hylwRik1jJ2_Dxskh.IeypM_k8eZ D7YisM3fgRnNRq68aZPbUCxBsSTBUrtRpuQINdfgM3tbcoWY_dKsMgZ9voeF 92dpuW3bXIYhuM0MzfiASmhpP4vcEi9cE7uewzaNUsXPmSQ_KXing6FBbhCU EeFWEe_2rZm3_mm_ooyrNj9ryd4xU78w_Y.TL3ckXTayhJOY5u7693_xBJ6o G7GLaV5WexFeUIlyaAFGaRqHjeyknvWEZjwXL.AoLMKeogc7dWVh41azRimu sHjdAveDLk24LXeTqbPWru9xlt9yG6_ou71sIYnIEMaqFnuoCyRwG_7eA9PZ lmlIUlHHH7SFGpmyS1rK9ymkRMT7Zj2rphwKjIX4ae4u9IIAJ49YCTf4aIxe 7TZ5IGCvLXMzc_1eMN4zcWAjhiKzTvg--
Received: from [99.31.212.42] by web31801.mail.mud.yahoo.com via HTTP; Thu, 09 Feb 2012 02:46:45 PST
X-RocketYMMF: william_john_mills
X-Mailer: YahooMailWebService/0.8.117.340031
References: <CAKj3E3b7kok_uoKRWxNox8BPLgPqDYuvWu2sNSbi6y6j=sHs1g@mail.gmail.com> <90C41DD21FB7C64BB94121FBBC2E723453AADDD47B@P3PW5EX1MB01.EX1.SECURESERVER.NET> <CAKj3E3Z6qDRxXnS4u8M-Uj5f1NjwNhzK6=-9vwn92S-Gs1eXnA@mail.gmail.com>
Message-ID: <1328784405.47127.YahooMailNeo@web31801.mail.mud.yahoo.com>
Date: Thu, 09 Feb 2012 02:46:45 -0800
From: William Mills <wmills@yahoo-inc.com>
To: Erlend Hamnaberg <ngarthl@gmail.com>, Eran Hammer <eran@hueniverse.com>
In-Reply-To: <CAKj3E3Z6qDRxXnS4u8M-Uj5f1NjwNhzK6=-9vwn92S-Gs1eXnA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="-368338466-89069321-1328784405=:47127"
Cc: "OAuth@ietf.org" <OAuth@ietf.org>
Subject: Re: [OAUTH-WG] Implementing MAC bearer
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: William Mills <wmills@yahoo-inc.com>
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Feb 2012 10:46:50 -0000

It's designed to be a form of HTTP auth independent of OAuth 2.0, however you get your credentials you can still use it.  OAuth 2.0 auth bindings are defined but not required.



________________________________
 From: Erlend Hamnaberg <ngarthl@gmail.com>
To: Eran Hammer <eran@hueniverse.com> 
Cc: "OAuth@ietf.org" <OAuth@ietf.org> 
Sent: Thursday, February 9, 2012 12:11 AM
Subject: Re: [OAUTH-WG] Implementing MAC bearer
 

Great. Thanks.

One question:
 Is it possible to use mac tokens in a non-OAuth setting?

How would a UA get the MAC id and algorithm then?

The old spec had a version where you could use Cookies to do this.

Is there a reason why this couldn't work as with Digest authentication?

-E


On Wed, Feb 8, 2012 at 11:59 PM, Eran Hammer <eran@hueniverse.com> wrote:

New draft:
> 
>http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-01
> 
>EH
> 
> 
>From:oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf Of Erlend Hamnaberg
>Sent: Tuesday, February 07, 2012 11:02 AM
>To: OAuth@ietf.org
>
>Subject: [OAUTH-WG] Implementing MAC bearer
> 
>Hi guys and gals.
> 
>I am trying to implement the MAC bearer within a client library.
> 
>Searching the Archive I find that the current draft version of the MAC bearer is incorrect.
> 
>For instance the body-hash is no longer supported. Is there a new draft planned soon?
>For implementers there would be great help in more examples. 
>That way we can write test cases which conforms to the spec more easily.
> 
>Best regards
> 
>Erlend

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

v2.23.0 | Report a Bug | By Email