Re: [OAUTH-WG] OAuth 2.0 Pushed Authorization Requests: Implementation Status

Vladimir Dzhuvinov <vladimir@connect2id.com> Thu, 25 March 2021 10:59 UTC

Return-Path: <vladimir@connect2id.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D49A23A1D82 for <oauth@ietfa.amsl.com>; Thu, 25 Mar 2021 03:59:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9BIbkcebLlkK for <oauth@ietfa.amsl.com>; Thu, 25 Mar 2021 03:59:20 -0700 (PDT)
Received: from p3plsmtpa12-01.prod.phx3.secureserver.net (p3plsmtpa12-01.prod.phx3.secureserver.net [68.178.252.230]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BCCE43A1D8A for <oauth@ietf.org>; Thu, 25 Mar 2021 03:59:20 -0700 (PDT)
Received: from [192.168.88.211] ([94.155.17.31]) by :SMTPAUTH: with ESMTPSA id PNhtl8oemU8CmPNhulwGKT; Thu, 25 Mar 2021 03:59:19 -0700
X-CMAE-Analysis: v=2.4 cv=Y+Y9DjSN c=1 sm=1 tr=0 ts=605c6d07 a=+I3yL00+yDwT8KNLgfs+4A==:117 a=+I3yL00+yDwT8KNLgfs+4A==:17 a=q0rX5H01Qin5IyBaTmIA:9 a=r77TgQKjGQsHNAKrUKIA:9 a=__SxRlIrAAAA:8 a=48vgC7mUAAAA:8 a=evI5P3fA9Q6jvcggWBQA:9 a=pILNOxqGKmIA:10 a=UqCG9HQmAAAA:8 a=3-4Q0LOGliRRmnMLqqgA:9 a=X3vsv-sRf4k0PXSp:21 a=UiCQ7L4-1S4A:10 a=hTZeC7Yk6K0A:10 a=_W_S_7VecoQA:10 a=D8lnhvtxf0AONpHuB7QA:9 a=ZVk8-NSrHBgA:10 a=30ssDGKg3p0A:10 a=H5r4HjhRfVyZ-DhAOYba:22 a=w1C3t2QeGrPiZgrLijVG:22 a=RBBcRewTFc8P4JkPnay6:22
X-SECURESERVER-ACCT: vladimir@connect2id.com
To: oauth@ietf.org
References: <VI1PR08MB2639645D092026CCD11A2328FA639@VI1PR08MB2639.eurprd08.prod.outlook.com>
From: Vladimir Dzhuvinov <vladimir@connect2id.com>
Organization: Connect2id Ltd.
Message-ID: <6f7f7bf5-7f50-7bf8-5f97-ca48c8d6e759@connect2id.com>
Date: Thu, 25 Mar 2021 12:59:17 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1
MIME-Version: 1.0
In-Reply-To: <VI1PR08MB2639645D092026CCD11A2328FA639@VI1PR08MB2639.eurprd08.prod.outlook.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms010907040108030300060906"
X-CMAE-Envelope: MS4xfAJlpiuXXB028Vb2feB9rNF3Ya9hPN3g2jzjjU3Ic6X8ghVm+A5Dc7zUGqDDIF6xGygBM/OYGWDYhmqC2Ue2HpjaGqEO/6GkNs50v2ZrCNl8p9aActIh rnlLHd4/QMgV8iShyBQXqr+JP3P1tMEf+6P/hMXOGe6gq5nQ0FJj+enhL8kySVjOuiRu2P8Xz0AA4w==
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/dRYAd9syVK50eB6gl3s8VWOAANE>
Subject: Re: [OAUTH-WG] OAuth 2.0 Pushed Authorization Requests: Implementation Status
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 10:59:25 -0000

Supported by

  * the Connect2id server

  * the open source OAuth 2.0 / OIDC SDK, and also picked up by some
    downstream security frameworks and projects

    https://connect2id.com/blog/pushed-authorisation-request-in-oauth-sdk


Adoption of PAR seems to be progressing rather well, which I find 
positive and a testament to the PAR simplicity and ingenuity.

Vladimir


On 24/03/2021 21:53, Hannes Tschofenig wrote:
>
> Hi all,
>
> I am working on the shepherd writeup and I need information about the 
> implementation status of this specification.
>
> Can you share whether you are implementing, or planning to implement 
> this specification? If there is open source, please drop a link to the 
> mailing list. If you implement it in your product, please let us know 
> as well.
>
> This information helps the steering committee to judge the quality and 
> maturity of the work.
>
> Ciao
>
> Hannes
>
> IMPORTANT NOTICE: The contents of this email and any attachments are 
> confidential and may also be privileged. If you are not the intended 
> recipient, please notify the sender immediately and do not disclose 
> the contents to any other person, use it for any purpose, or store or 
> copy the information in any medium. Thank you.
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth