[OAUTH-WG] WGLC on "OAuth 2.0 Proof-of-Possession (PoP) Security Architecture"

Hannes Tschofenig <hannes.tschofenig@gmx.net> Sat, 29 November 2014 09:00 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 246931A017D for <oauth@ietfa.amsl.com>; Sat, 29 Nov 2014 01:00:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F8eSBxTMGX8F for <oauth@ietfa.amsl.com>; Sat, 29 Nov 2014 01:00:01 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.20]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 120D71A017E for <oauth@ietf.org>; Sat, 29 Nov 2014 01:00:01 -0800 (PST)
Received: from [192.168.131.133] ([80.92.115.84]) by mail.gmx.com (mrgmx103) with ESMTPSA (Nemesis) id 0MIMyZ-1XtoGX40Xn-004CDt for <oauth@ietf.org>; Sat, 29 Nov 2014 09:59:59 +0100
Message-ID: <54798B0E.6020402@gmx.net>
Date: Sat, 29 Nov 2014 09:59:58 +0100
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0
MIME-Version: 1.0
To: "oauth@ietf.org" <oauth@ietf.org>
OpenPGP: id=4D776BC9
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="fXuITgpHiGXsNFRUjju8J7F9txqK1uECC"
X-Provags-ID: V03:K0:SHhcEeWOxsitLp8lfuMapM4s/GT7+q5MXBrGrdicdJ8DGaXLjHG MBK0XtxW8M18Nxfo107Ir/Jw6jtcvbEcDVtvM1rscvxmivEKY1+JpoTHGG8rbYGCpmPbIqE xhVceCgaQCZ7kHTKxJiQDh6UElmbmQFXShP6ugx4wKgFeLM6eKL0uGGBRqce5pDymfcK16q RrpPH9SJ8miqf5kbDYPgg==
X-UI-Out-Filterresults: notjunk:1;
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/l2Ln02aSjUBqIUC1KpDdICOUUg0
Subject: [OAUTH-WG] WGLC on "OAuth 2.0 Proof-of-Possession (PoP) Security Architecture"
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Nov 2014 09:00:10 -0000

Hi all,

as discussed at the last IETF meeting we are processing with the
proof-of-possession work. We are therefore starting a working group last
call for the "OAuth 2.0 Proof-of-Possession (PoP) Security Architecture".

Here is the document:
http://tools.ietf.org/html/draft-ietf-oauth-pop-architecture-00

Since the document covers scenarios, use cases, requirements, and
architecture it should actually be easy to read for everyone.

Please send you comments to the OAuth mailing list by December 13, 2014.

Ciao
Hannes & Derek