Re: [OAUTH-WG] OMA Liaison Has Arrived!
Igor Faynberg <igor.faynberg@alcatel-lucent.com> Wed, 24 August 2011 16:44 UTC
Return-Path: <igor.faynberg@alcatel-lucent.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7498D21F8C80 for <oauth@ietfa.amsl.com>; Wed, 24 Aug 2011 09:44:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.606
X-Spam-Level:
X-Spam-Status: No, score=-6.606 tagged_above=-999 required=5 tests=[AWL=-0.007, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XynUIc9Eyc4I for <oauth@ietfa.amsl.com>; Wed, 24 Aug 2011 09:44:11 -0700 (PDT)
Received: from ihemail4.lucent.com (ihemail4.lucent.com [135.245.0.39]) by ietfa.amsl.com (Postfix) with ESMTP id B9A1021F8C3E for <oauth@ietf.org>; Wed, 24 Aug 2011 09:44:11 -0700 (PDT)
Received: from usnavsmail4.ndc.alcatel-lucent.com (usnavsmail4.ndc.alcatel-lucent.com [135.3.39.12]) by ihemail4.lucent.com (8.13.8/IER-o) with ESMTP id p7OGjK2S026402 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <oauth@ietf.org>; Wed, 24 Aug 2011 11:45:20 -0500 (CDT)
Received: from umail.lucent.com (umail-ce2.ndc.lucent.com [135.3.40.63]) by usnavsmail4.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id p7OGjJOn017108 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for <oauth@ietf.org>; Wed, 24 Aug 2011 11:45:20 -0500
Received: from [135.244.35.237] (faynberg.lra.lucent.com [135.244.35.237]) by umail.lucent.com (8.13.8/TPES) with ESMTP id p7OGjIGg009761; Wed, 24 Aug 2011 11:45:19 -0500 (CDT)
Message-ID: <4E552A9E.6040201@alcatel-lucent.com>
Date: Wed, 24 Aug 2011 12:45:18 -0400
From: Igor Faynberg <igor.faynberg@alcatel-lucent.com>
Organization: Alcatel-Lucent
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.18) Gecko/20110616 Thunderbird/3.1.11
MIME-Version: 1.0
To: oauth@ietf.org
References: <CAC4RtVCafc=sTUOZ0h7BtXZ2rmZGpZ5xRCrsP=0fHRh8kOF3Cg@mail.gmail.com> <CAC4RtVANUV3Q2=_j2tniZVo9xzSRArFsMg_j5Xa40ruEy3gbRw@mail.gmail.com>
In-Reply-To: <CAC4RtVANUV3Q2=_j2tniZVo9xzSRArFsMg_j5Xa40ruEy3gbRw@mail.gmail.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.39
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.12
Subject: Re: [OAUTH-WG] OMA Liaison Has Arrived!
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: igor.faynberg@alcatel-lucent.com
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Aug 2011 16:44:12 -0000
Bravo! This has been project-managed masterly. Igor On 8/24/2011 8:32 AM, Barry Leiba wrote: > On Mon, Aug 22, 2011 at 1:53 PM, Barry Leiba<barryleiba@computer.org> wrote: >> I intend to add the following to the response to this item: >> "The working group understands that client code needs to know whether >> to use and decode percent-encoding. The issue is being discussed and >> tracked, and will be resolved before the final version of the bearer >> document is produced." > > For confirmation: Murray Kucherawy, our liaison to OMA, delivered our > response yesterday (Tuesday, 23 August), and OMA has acknowledged it. > They thank us for our prompt response. > > Barry, as chair > >> ----------------------------------------------------------------- >> >> The IETF OAuth working group thanks OMA ARC SEC for the liaison >> statement titled "OAuth discovery and specification availability", >> dated 18 July 2011. >> >> The OMA liaison statement asks the OAuth working group to address five >> issues, and our answers are as follows: >> >> • Availability of the IETF OAuth specifications: especially >> [draft-ietf-oauth-v2] and [draft-ietf-oauth-v2-bearer], and also >> [draft-hammer-oauth-v2-mac-token], >> [draft-lodderstedt-oauth-revocation] and [draft-recordon-oauth-v2-ux]. >> >> Answer: >> The IETF cannot guarantee publication dates, but we can give some >> best-guess timeframes. At this writing, draft-ietf-oauth-v2 and >> draft-ietf-oauth-v2-bearer have completed Working Group last call and >> are undergoing their final revisions before being sent to the IESG. >> We expect the final versions of those documents to be in the RFC >> Editor queue around the end of September, though it could be later if >> issues come up in IETF-wide last call or during IESG evaluation. The >> draft-hammer-oauth-v2-mac-token document has been replaced by >> draft-ietf-oauth-v2-http-mac, which is a working group document. It >> is likely to be in the RFC Editor queue by the end of the year. >> >> The remaining two documents are not working group documents, and the >> working group can say nothing about their status. The OAuth working >> group intends to revise its charter in the November timeframe, and >> it's possible that one or both of those documents could be adopted by >> the working group at that time, and we could have further information >> about target publication dates then. >> >> • Availability of the OAuth Parameters Registry >> >> Answer: >> The draft-ietf-oauth-v2 document establishes the OAuth Parameters >> Registry (in section 11.2, as of draft version 20). The registry will >> be available when the RFC is published, which will be some time after >> the document goes into the RFC Editor queue, depending upon the RFC >> Editor's load at the time. >> >> • IETF intent to specify an OAuth Discovery mechanism >> >> Answer: >> There is interest among OAuth working group participants for >> specifying such a mechanism, but the work is not in the current >> charter. It will likely be considered during the aforementioned >> charter update in (approximately) November. >> >> • Considerations that can help implementors decide about the type of >> OAuth access token to deploy. >> >> Answer: >> There is no current work planned, but documents with such >> implementation advice might also be considered during the rechartering >> discussion. >> >> • For bearer tokens: clarification whether the non-support of percent >> encoding for scope-v element of WWW-Authenticate Response Header Field >> grammar is intentional. >> >> Answer: >> In the bearer token document (Section 2.4 of >> draft-ietf-oauth-v2-bearer-08, "The WWW-Authenticate Response Header >> Field"), the "scope-v" element is unambiguously defined to allow a >> specific set of characters. That set of characters does permit, but >> does not mandate, support for percent-encoding of characters. >> >> ----------------------------------------------------------------- > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
- Re: [OAUTH-WG] OMA Liaison Has Arrived! Barry Leiba
- Re: [OAUTH-WG] OMA Liaison Has Arrived! Igor Faynberg
- Re: [OAUTH-WG] OMA Liaison Has Arrived! Lodderstedt, Torsten
- Re: [OAUTH-WG] OMA Liaison Has Arrived! scope-v Manger, James H
- Re: [OAUTH-WG] OMA Liaison Has Arrived! scope-v Barry Leiba
- Re: [OAUTH-WG] OMA Liaison Has Arrived! scope-v William J. Mills
- Re: [OAUTH-WG] OMA Liaison Has Arrived! scope-v Barry Leiba
- Re: [OAUTH-WG] OMA Liaison Has Arrived! Barry Leiba
- Re: [OAUTH-WG] OMA Liaison Has Arrived! Igor Faynberg