Re: [OAUTH-WG] Call for Adoption: Mutual TLS Profiles for OAuth Clients
Dave Tonge <dave.tonge@momentumft.co.uk> Fri, 21 April 2017 09:32 UTC
Return-Path: <dave.tonge@bluespeckfinancial.co.uk>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 620F7129426 for <oauth@ietfa.amsl.com>; Fri, 21 Apr 2017 02:32:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.688
X-Spam-Level:
X-Spam-Status: No, score=-2.688 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=momentumft.co.uk
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NKztIKbqoJja for <oauth@ietfa.amsl.com>; Fri, 21 Apr 2017 02:32:02 -0700 (PDT)
Received: from mail-io0-x22c.google.com (mail-io0-x22c.google.com [IPv6:2607:f8b0:4001:c06::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DA40A129A8D for <oauth@ietf.org>; Fri, 21 Apr 2017 02:32:01 -0700 (PDT)
Received: by mail-io0-x22c.google.com with SMTP id r16so106764925ioi.2 for <oauth@ietf.org>; Fri, 21 Apr 2017 02:32:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=momentumft.co.uk; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=6XsbT481k3Tl5pkgzwkbkacj6B+FdzOPf0Qi4iqhdrk=; b=NgCFLBRTJMFqjNWJ9Qg8JupvdUI0JI9fvSYUVYS4Mgq4+AAJbkVAgHJrxHOctdRXPW FCzgmpJ6DjyaxEWLFMNlAZYprGUn5b2S7Tbs3AZweXs6nr2GoZknPwUNGIbuuLmaEZ4M zRnBBN6v5dhcCgYWLXzsUBVUpt3MrcqtoqDbE=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=6XsbT481k3Tl5pkgzwkbkacj6B+FdzOPf0Qi4iqhdrk=; b=a7iJNIZKXlJW98QWFN8zpAq5sVupj2N4GkkzdYcNASv6g6wmfGdCW1P1Y5PHJw3fb9 pcikf0syYtpoC50UTSVODKDyFsfbPfSekOwCrBbyFIeK3P+45Ox72VneW3mElWc6/r1k pTaM4T9mQcSwlYf8Vro6+po8xa5UyrLjoK3KvorawU7JTfZ6DG720hW5BX1waOlxIRRb WTLxpHw/vTo7CKh/zNa/LcejrQy+VTetKPwzSWalPcoHd3hZn62/tpoGbopWg79f3aks 0o80Glsp/vtuz2F6XcBqf6smSPwt2kPqDct0Pztxjsbro2vGh0Eivtpes7qN43ax4Co9 /Yiw==
X-Gm-Message-State: AN3rC/5c13x0ygJsmb9Lriuhv60DyY8A+Ei+HVdX3KISIgy4tXZByOHA c+yHl6WsLBMJzzxT+E+1eIIaLza3xypJ
X-Received: by 10.36.230.5 with SMTP id e5mr9510837ith.0.1492767120102; Fri, 21 Apr 2017 02:32:00 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.107.164.170 with HTTP; Fri, 21 Apr 2017 02:31:39 -0700 (PDT)
In-Reply-To: <95776354-79e3-caa7-ba60-84cfec7f899f@gmx.net>
References: <95776354-79e3-caa7-ba60-84cfec7f899f@gmx.net>
From: Dave Tonge <dave.tonge@momentumft.co.uk>
Date: Fri, 21 Apr 2017 10:31:39 +0100
Message-ID: <CAP-T6TSMn-hsNG1XL+SEkKQWmqxPa8EckEWU5+9mG6RSZjhLJw@mail.gmail.com>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Cc: "oauth@ietf.org" <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c11c82eed5ed4054da9edb9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/raWcX63KGCvlwwDQRfJ70OfGRsE>
Subject: Re: [OAUTH-WG] Call for Adoption: Mutual TLS Profiles for OAuth Clients
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Apr 2017 09:32:04 -0000
I support adoption of draft-campbell-oauth-mtls As previously mentioned this spec will be very useful for Europe where there is legislation requiring the use of certificate-based authentication and many financial groups and institutions are considering OAuth2. The UK Open Banking Implementation Entity has a strong interest in using this spec. Dave On 20 April 2017 at 17:32, Hannes Tschofenig <hannes.tschofenig@gmx.net> wrote: > Hi all, > > based on the strong support for this document at the Chicago IETF > meeting we are issuing a call for adoption of the "Mutual TLS Profiles > for OAuth Clients" document, see > https://tools.ietf.org/html/draft-campbell-oauth-mtls-01 > > Please let us know by May 4th whether you accept / object to the > adoption of this document as a starting point for work in the OAuth > working group. > > Ciao > Hannes & Rifaat > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > -- Dave Tonge CTO [image: Moneyhub Enterprise] <http://www.google.com/url?q=http%3A%2F%2Fmoneyhubenterprise.com%2F&sa=D&sntz=1&usg=AFQjCNGUnR5opJv5S1uZOVg8aISwPKAv3A> 10 Temple Back, Bristol, BS1 6FL t: +44 (0)117 280 5120 Moneyhub Enterprise is a trading style of Momentum Financial Technology Limited which is authorised and regulated by the Financial Conduct Authority ("FCA"). Momentum Financial Technology is entered on the Financial Services Register (FRN 561538) at fca.org.uk/register. Momentum Financial Technology is registered in England & Wales, company registration number 06909772 © . Momentum Financial Technology Limited 2016. DISCLAIMER: This email (including any attachments) is subject to copyright, and the information in it is confidential. Use of this email or of any information in it other than by the addressee is unauthorised and unlawful. Whilst reasonable efforts are made to ensure that any attachments are virus-free, it is the recipient's sole responsibility to scan all attachments for viruses. All calls and emails to and from this company may be monitored and recorded for legitimate purposes relating to this company's business. Any opinions expressed in this email (or in any attachments) are those of the author and do not necessarily represent the opinions of Momentum Financial Technology Limited or of any other group company.
- [OAUTH-WG] Call for Adoption: Mutual TLS Profiles… Hannes Tschofenig
- Re: [OAUTH-WG] Call for Adoption: Mutual TLS Prof… John Bradley
- Re: [OAUTH-WG] Call for Adoption: Mutual TLS Prof… Brian Campbell
- Re: [OAUTH-WG] Call for Adoption: Mutual TLS Prof… Phil Hunt (IDM)
- Re: [OAUTH-WG] Call for Adoption: Mutual TLS Prof… Manger, James
- Re: [OAUTH-WG] Call for Adoption: Mutual TLS Prof… Dave Tonge
- Re: [OAUTH-WG] Call for Adoption: Mutual TLS Prof… Nat Sakimura
- Re: [OAUTH-WG] Call for Adoption: Mutual TLS Prof… Torsten Lodderstedt
- Re: [OAUTH-WG] Call for Adoption: Mutual TLS Prof… William Denniss
- Re: [OAUTH-WG] Call for Adoption: Mutual TLS Prof… Samuel Erdtman
- Re: [OAUTH-WG] Call for Adoption: Mutual TLS Prof… Justin Richer
- [OAUTH-WG] Fwd: Call for Adoption: Mutual TLS Pro… Hannes Tschofenig
- Re: [OAUTH-WG] Fwd: Call for Adoption: Mutual TLS… Hannes Tschofenig