IETF Logo Mail Archive

Re: [OAUTH-WG] problem statement

Eran Hammer-Lahav <eran@hueniverse.com> Tue, 06 September 2011 19:21 UTC

Return-Path: <eran@hueniverse.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F77421F8D56 for <oauth@ietfa.amsl.com>; Tue, 6 Sep 2011 12:21:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.558
X-Spam-Level:
X-Spam-Status: No, score=-2.558 tagged_above=-999 required=5 tests=[AWL=0.040, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8QlfwIPK1o7O for <oauth@ietfa.amsl.com>; Tue, 6 Sep 2011 12:21:11 -0700 (PDT)
Received: from p3plex1out02.prod.phx3.secureserver.net (p3plex1out02.prod.phx3.secureserver.net [72.167.180.18]) by ietfa.amsl.com (Postfix) with SMTP id 0E38921F8CB2 for <oauth@ietf.org>; Tue, 6 Sep 2011 12:21:11 -0700 (PDT)
Received: (qmail 11316 invoked from network); 6 Sep 2011 19:22:37 -0000
Received: from unknown (HELO smtp.ex1.secureserver.net) (72.167.180.20) by p3plex1out02.prod.phx3.secureserver.net with SMTP; 6 Sep 2011 19:22:37 -0000
Received: from P3PW5EX1MB01.EX1.SECURESERVER.NET ([10.6.135.19]) by P3PW5EX1HT002.EX1.SECURESERVER.NET ([72.167.180.20]) with mapi; Tue, 6 Sep 2011 12:22:26 -0700
From: Eran Hammer-Lahav <eran@hueniverse.com>
To: Melinda Shore <melinda.shore@gmail.com>, "oauth@ietf.org" <oauth@ietf.org>
Date: Tue, 06 Sep 2011 12:22:17 -0700
Thread-Topic: [OAUTH-WG] problem statement
Thread-Index: Acxsyk7/FEL+4oukQhq3IUfgvJyIkQ==
Message-ID: <CA8BC074.19447%eran@hueniverse.com>
In-Reply-To: <4E6671FA.3090503@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.12.0.110505
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_CA8BC07419447eranhueniversecom_"
MIME-Version: 1.0
Subject: Re: [OAUTH-WG] problem statement
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Sep 2011 19:21:11 -0000

I understood his request and disagree that any action needs to be taken. It is unreasonable to expect every protocol to discuss the security considerations of a user installing malware.

EHL

From: Melinda Shore <melinda.shore@gmail.com<mailto:melinda.shore@gmail.com>>
Date: Tue, 6 Sep 2011 12:18:18 -0700
To: "oauth@ietf.org<mailto:oauth@ietf.org>" <oauth@ietf.org<mailto:oauth@ietf.org>>
Subject: Re: [OAUTH-WG] problem statement

On 09/06/2011 11:11 AM, Jill Burrows wrote:
I repeat, it is not an OAuth problem.

If I'm reading Mike correctly (and if I'm not it won't be the
first time I've misunderstood him), he's not really asking for
OAUTH to solve this particular problem but to clarify the
documents and beef up discussions of what is and is not in
scope.  He read the document and couldn't figure out whether
or not this particular problem is the business of the working
group.

Melinda
_______________________________________________
OAuth mailing list
OAuth@ietf.org<mailto:OAuth@ietf.org>
https://www.ietf.org/mailman/listinfo/oauth

v2.23.0 | Report a Bug | By Email