Re: [OAUTH-WG] Rechartering

Mark Mcgloin <mark.mcgloin@ie.ibm.com> Tue, 14 September 2010 15:18 UTC

Return-Path: <mark.mcgloin@ie.ibm.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 73B6A3A69C3; Tue, 14 Sep 2010 08:18:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ka7VHjaFEJTd; Tue, 14 Sep 2010 08:18:54 -0700 (PDT)
Received: from mtagate2.uk.ibm.com (mtagate2.uk.ibm.com [194.196.100.162]) by core3.amsl.com (Postfix) with ESMTP id 07D9E3A69AB; Tue, 14 Sep 2010 08:18:53 -0700 (PDT)
Received: from d06nrmr1707.portsmouth.uk.ibm.com (d06nrmr1707.portsmouth.uk.ibm.com [9.149.39.225]) by mtagate2.uk.ibm.com (8.13.1/8.13.1) with ESMTP id o8EFJIdU017161; Tue, 14 Sep 2010 15:19:18 GMT
Received: from d06av04.portsmouth.uk.ibm.com (d06av04.portsmouth.uk.ibm.com [9.149.37.216]) by d06nrmr1707.portsmouth.uk.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id o8EFJIO23534874; Tue, 14 Sep 2010 16:19:18 +0100
Received: from d06av04.portsmouth.uk.ibm.com (loopback [127.0.0.1]) by d06av04.portsmouth.uk.ibm.com (8.12.11.20060308/8.13.3) with ESMTP id o8EFJIxB018033; Tue, 14 Sep 2010 16:19:18 +0100
Received: from d06ml093.portsmouth.uk.ibm.com (d06ml093.portsmouth.uk.ibm.com [9.149.104.171]) by d06av04.portsmouth.uk.ibm.com (8.12.11.20060308/8.12.11) with ESMTP id o8EFJIdI018030; Tue, 14 Sep 2010 16:19:18 +0100
In-Reply-To: <4C8C17F9.9050908@gmx.net>
References: <4C8C17F9.9050908@gmx.net>
X-KeepSent: 7BFAD5DF:F466E986-8025779E:0053D816; type=4; name=$KeepSent
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>
X-Mailer: Lotus Notes Release 8.5.1 September 28, 2009
Message-ID: <OF7BFAD5DF.F466E986-ON8025779E.0053D816-8025779E.00542972@ie.ibm.com>
From: Mark Mcgloin <mark.mcgloin@ie.ibm.com>
Date: Tue, 14 Sep 2010 16:18:43 +0100
X-MIMETrack: Serialize by Router on D06ML093/06/M/IBM(Release 8.0.2FP6|July 15, 2010) at 14/09/2010 16:18:44
MIME-Version: 1.0
Content-type: text/plain; charset=US-ASCII
Cc: oauth@ietf.org, oauth-bounces@ietf.org
Subject: Re: [OAUTH-WG] Rechartering
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Sep 2010 15:18:55 -0000

What about Security Considerations. I know some individuals have worked on
it in the past - does it need a WG to complete


Mark McGloin

Hannes Tschofenig <hannes.tschofenig@gmx.net>
Sent by: oauth-bounces@ietf.org


12/09/2010 00:59


Hi all,

at the Washington Internet Identity Workshop we had the chance to chat
about OAuth. Given the progress on the main specification we should
discuss WG re-chartering.

The following items had been proposed at the meeting:

* Messaging Signing
Example: http://www.ietf.org/mail-archive/web/oauth/current/msg04250.html

* User Experience Extensions
Example: http://datatracker.ietf.org/doc/draft-recordon-oauth-v2-ux/

* Artifact Binding
Example: http://datatracker.ietf.org/doc/draft-sakimura-oauth-requrl/

* SAML for OAuth
Example: http://datatracker.ietf.org/doc/draft-campbell-oauth-saml/

* Recommendations of commonly used Scope values
No draft available (to my knowledge)

* Dynamic Client Registration
Example: http://www.ietf.org/id/draft-oauth-dyn-reg-v1-00.txt

I am interested to hear
a) what items are important for you; we cannot work on everything at the
same time.
b) what items are you willing to co-author (requires a hard time
commitment)
c) what items are you willing to review
d) whether we should consider other items?

Btw, to have your work considered you have to submit an IETF draft.
Please use the Web tool to upload it:
https://datatracker.ietf.org/idst/upload.cgi
Also use the following filename convention:
draft-[author last name]-oauth-[some short name]-[version#].txt

Ciao
Hannes