IETF Logo Mail Archive

Re: [OAUTH-WG] IPR Disclosures - OAuth 2.0 Authorization Server Issuer Identification

Karsten Meyer zu Selhausen <karsten.meyerzuselhausen@hackmanit.de> Thu, 09 September 2021 11:34 UTC

Return-Path: <karsten.meyerzuselhausen@hackmanit.de>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 99C933A0CF5 for <oauth@ietfa.amsl.com>; Thu, 9 Sep 2021 04:34:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=hackmanit.de
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KWlWeHUv5wGR for <oauth@ietfa.amsl.com>; Thu, 9 Sep 2021 04:34:04 -0700 (PDT)
Received: from mail-ed1-x531.google.com (mail-ed1-x531.google.com [IPv6:2a00:1450:4864:20::531]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 29FE63A0FCC for <oauth@ietf.org>; Thu, 9 Sep 2021 04:34:02 -0700 (PDT)
Received: by mail-ed1-x531.google.com with SMTP id eb14so2191346edb.8 for <oauth@ietf.org>; Thu, 09 Sep 2021 04:34:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hackmanit.de; s=google; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to; bh=l21TIJ7Lb9rM8Q1fFx9Gn30qAkrSK6j7HXMKzr3NAsI=; b=iF2eOz8tqRH6LhR9ifp8UCRRAkK/yeAa1kW+1QWRUEcGXCeq/kWec4OmkdXhrxl0Kh yQXrqbBDlCHOSdGshLgJJdzDB2/nunFZE/qTAi/7gJOzVDvxycofAAlPIQnGk3eWJ8XY ZX9pCPifXlK6Jg9qoKAv8W2ovoe7/kqSj9vYQ=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to; bh=l21TIJ7Lb9rM8Q1fFx9Gn30qAkrSK6j7HXMKzr3NAsI=; b=lqdp7vVkERsgfTUNzm9b1IQzTxzEAHP5J/5r9banCExQj8YqUJ3qZE/b1De9x4TeFb h2+D6V1J6jpgfZjC6i6dRfJhXmqh9hIo2hIbAMKClgoHHcG4T7fBNhiYWQoV2W8/VtQK 7qkLjxvvHAqkxLbqSUcmPiAEPNcafJqE7WNYi13LuuPExuw/bGWoSMB5TyVq1k3gHk0x PDQ0kNK9nagFBPZngkU2fz+vL1rFNYCwZmI+4l/MplKXO/R4rtrNMIdo+344OL7t1zT2 A/9ebxHDamOGuZRu39cR4sqMPgKyVuZnPbXfWR54dMXnuXbCzWLoRa0pye9wI5HGtgVN q5uw==
X-Gm-Message-State: AOAM531nwTIsBq+xKPJ6UBqimbWZz5J39m/qciLpfHLAxIi9sZek1ka3 os7IdU0ktpxv1chSr8m7P/LmQw==
X-Google-Smtp-Source: ABdhPJwr52EUsgwKID4Ss7hMede1/87kUHG1gkUlXiaBrgC/N+Y7DxbdL4DbLEsYF1I1suQ8b0CFCA==
X-Received: by 2002:a05:6402:6d2:: with SMTP id n18mr2637876edy.333.1631187240115; Thu, 09 Sep 2021 04:34:00 -0700 (PDT)
Received: from [192.168.137.22] (b2b-37-24-87-133.unitymedia.biz. [37.24.87.133]) by smtp.gmail.com with ESMTPSA id t12sm789753ejc.63.2021.09.09.04.33.59 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 09 Sep 2021 04:33:59 -0700 (PDT)
To: Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com>, oauth <oauth@ietf.org>
References: <CADNypP8G4_zrxd2603fTtDA=mx1r_d3uJNYP0whm2ypMu02OZg@mail.gmail.com> <CADNypP_uEEjyj5QeFMgXTibDgXQW14O3NGdBik_ZT19r5Saz3g@mail.gmail.com>
From: Karsten Meyer zu Selhausen <karsten.meyerzuselhausen@hackmanit.de>
Message-ID: <1546b25e-4cac-55dd-e0d5-4d742bff832b@hackmanit.de>
Date: Thu, 09 Sep 2021 13:33:58 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.14.0
MIME-Version: 1.0
In-Reply-To: <CADNypP_uEEjyj5QeFMgXTibDgXQW14O3NGdBik_ZT19r5Saz3g@mail.gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="At598LxqJ2SKLHoLA3ZzKAyWqgTFoxGTc"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/kqnONSCJNfvnL80VD_hatGSOKe0>
Subject: Re: [OAUTH-WG] IPR Disclosures - OAuth 2.0 Authorization Server Issuer Identification
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Sep 2021 11:34:10 -0000

Hi Rifaat,

sorry for the delay.

I am not aware of any IPR related to the OAuth 2.0 Authorization Server 
Issuer Identification draft.

Best regards,
Karsten

On 08.09.2021 18:44, Rifaat Shekh-Yusef wrote:
> Karsten, Daniel,
>
> Any update on this?
>
> Regards,
>  Rifaat
>
>
> On Sat, Sep 4, 2021 at 10:30 AM Rifaat Shekh-Yusef 
> <rifaat.s.ietf@gmail.com <mailto:rifaat.s.ietf@gmail.com>> wrote:
>
>     Authors,
>
>     As part of the shepherd write-up, all authors of the document must
>     confirm that any and all appropriate IPR disclosures required for
>     full conformance with the provisions of BCP 78 and BCP 79 have
>     already been filed.
>
>     Please, reply to this email on the mailing list and indicate if
>     you are aware of any IPRs associated with this document.
>
>     Regards,
>      Rifaat
>
-- 
Karsten Meyer zu Selhausen
Senior IT Security Consultant
Phone:	+49 (0)234 / 54456499
Web:	https://hackmanit.de | IT Security Consulting, Penetration Testing, Security Training

Is your OAuth or OpenID Connect application vulnerable to mix-up attacks? Find out more on our blog:
https://www.hackmanit.de/en/blog-en/132-how-to-protect-your-oauth-client-against-mix-up-attacks

Hackmanit GmbH
Universitätsstraße 60 (Exzenterhaus)
44789 Bochum

Registergericht: Amtsgericht Bochum, HRB 14896
Geschäftsführer: Prof. Dr. Jörg Schwenk, Prof. Dr. Juraj Somorovsky, Dr. Christian Mainka, Prof. Dr. Marcus Niemietz

v2.23.0 | Report a Bug | By Email