IETF Logo Mail Archive

Re: [OAUTH-WG] Few questions about HOTK

William Mills <wmills_92105@yahoo.com> Fri, 21 December 2012 05:30 UTC

Return-Path: <wmills_92105@yahoo.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2044421E803C for <oauth@ietfa.amsl.com>; Thu, 20 Dec 2012 21:30:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.184
X-Spam-Level:
X-Spam-Status: No, score=-0.184 tagged_above=-999 required=5 tests=[BAYES_40=-0.185, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UHbwWNO6e+Pk for <oauth@ietfa.amsl.com>; Thu, 20 Dec 2012 21:30:10 -0800 (PST)
Received: from nm8.bullet.mail.bf1.yahoo.com (nm8.bullet.mail.bf1.yahoo.com [98.139.212.167]) by ietfa.amsl.com (Postfix) with ESMTP id 582E421E802E for <oauth@ietf.org>; Thu, 20 Dec 2012 21:30:10 -0800 (PST)
Received: from [98.139.212.150] by nm8.bullet.mail.bf1.yahoo.com with NNFMP; 21 Dec 2012 05:30:09 -0000
Received: from [98.139.212.195] by tm7.bullet.mail.bf1.yahoo.com with NNFMP; 21 Dec 2012 05:30:09 -0000
Received: from [127.0.0.1] by omp1004.mail.bf1.yahoo.com with NNFMP; 21 Dec 2012 05:30:09 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 791791.30658.bm@omp1004.mail.bf1.yahoo.com
Received: (qmail 33840 invoked by uid 60001); 21 Dec 2012 05:30:09 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1356067808; bh=hluB9nnFMB73zPDDVdshvs8xP97wrAJYKQofL5lfZrI=; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=V1tcoVwMz7BXxJ0+Phct2TUuGso7KTN2KEP02dHyqmydczvvZ9/48jxYuz4spHVk8zTKQ23WOxz8VbZPBlfdCgZpmXG8K5SBHfmpqRHQrsZ7lY2xbM70OKCTBw1L12M6GzUtoDPi41Xl6362a5N/EuBihi+oP98jcJmwYJbSDBw=
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=FB0LDCB0XV5KNM78sBhe/C5sPz+SGc5DTjXhdYJo50g/UsnrfWaphlL5l1rYK0ue2pZk66HJRWQ/Ug71p6a74MkufQjp1ps1kOTuYZtPElBDJebdw2Q2KzfmZCg1ShAuvotn3M+uQB2tuCT2KjJ/Xz2LfExkNREr7h7XyJ73ptU=;
X-YMail-OSG: _qCL_BwVM1kD.E6AF7Sq6bsATPIYvPq3EIqCaradA5ZeP4m qoyICdu6F8O9H4lvdLB1PXzYWETqd1vL5QXi_BeL3sUpkXDic1cb_Cedu1.H rIoh8NvToG.spHc9loN3hrMYv5qIy3zPx2uc0xnHqjDeCmO0y51PH5Rlr5yT q3O7X_w4EpTt3sClZZkJNlELBjoLaCBpWg1k7OQ16DcDgq2TCj_G7yh_HQJV t3DVG.CC.hkj0ytZatV5a52wY6a1u9np8pr2KDU9A1oCjclvr4imhW4KV4cx jippBWkwS9Hj0Ofe3V8Cehjit8VROee9Y.sfgWg5pTYdNyWRPE_l0WyjjjlA AnOjXKBb6jnJYfTX2SXU2.OO66I.LWXuHlQJVgrQ8Uyv6DM.ogn69GY1Bpdr 3QXtUejO2A5cTBhF_XDZYfpExmwLl4cI1O7W2.1a1E.Y5zvzl7Fh9qXGKS.z u9Z8GOj8YoRIwKXTUFB8nF494R1dcYnTk7rZTHtBvqOC1MgCPR_wFBiOneGP _oXq57U.DvbdgD9_U_hLe
Received: from [99.31.212.42] by web31810.mail.mud.yahoo.com via HTTP; Thu, 20 Dec 2012 21:30:08 PST
X-Rocket-MIMEInfo: 001.001, TUFDIGFuZCBIT1RLIGRlc2NyaWJlIGRpZmZlcmVudCBwcm9wZXJ0aWVzIG9mIGEgdG9rZW4sIGFuZCBjb3VsZCBib3RoIGJlIHVzZWQgaW4gdGhlIHNhbWUgdG9rZW4uIMKgTUFDIHNwZWNpZmllcyBhIGJhc2ljIGZvcm1hdCBmb3IgYSBzaWduZWQgdG9rZW4gcGF5bG9hZCBhbmQgdHJhbnNhY3Rpb24uIMKgSE9USyBkZWZpbmVzIHBhcnQgb2YgYSB0b2tlbiBwYXlsb2FkLiDCoEhPVEsgcGF5bG9hZCBjYW4gYmUgY2FycmllZCBpbiBhIE1BQyB0b2tlbi4KCi1iaWxsCgoKX19fX19fX19fX19fX19fX19fX19fX18BMAEBAQE-
X-Mailer: YahooMailWebService/0.8.129.483
References: <50D387DB.4080608@gmail.com>
Message-ID: <1356067808.32663.YahooMailNeo@web31810.mail.mud.yahoo.com>
Date: Thu, 20 Dec 2012 21:30:08 -0800
From: William Mills <wmills_92105@yahoo.com>
To: Sergey Beryozkin <sberyozkin@gmail.com>, "<oauth@ietf.org>" <oauth@ietf.org>
In-Reply-To: <50D387DB.4080608@gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="1935884094-435479364-1356067808=:32663"
Subject: Re: [OAUTH-WG] Few questions about HOTK
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: William Mills <wmills_92105@yahoo.com>
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Dec 2012 05:30:11 -0000

MAC and HOTK describe different properties of a token, and could both be used in the same token.  MAC specifies a basic format for a signed token payload and transaction.  HOTK defines part of a token payload.  HOTK payload can be carried in a MAC token.

-bill


________________________________
 From: Sergey Beryozkin <sberyozkin@gmail.com>
To: "<oauth@ietf.org>" <oauth@ietf.org> 
Sent: Thursday, December 20, 2012 1:49 PM
Subject: [OAUTH-WG] Few questions about HOTK
 
Hi Hannes, others,

I'd like to understand what is the difference between HOTK Symmetric [1] and MAC [2].

I'm reading about HOTK Symmetric and JWS profile and it seems like HOTK Symmetric text can support MAC.

My main question at the moment: does HOTK (Symmetric) offer an alternative to MAC or is HOTK actually a higher-level token scheme which can support different types of tokens ?

thanks, Sergey

[1] http://tools.ietf.org/html/draft-tschofenig-oauth-hotk-01
[2] http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-02
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

v2.35.0 | Report a Bug | By Email | System Status