Re: [OAUTH-WG] Second OAuth Security Workshop (Call for Papers)

Jim Manico <jim@manicode.com> Fri, 21 April 2017 05:17 UTC

Return-Path: <jim@manicode.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5AD7A12940F for <oauth@ietfa.amsl.com>; Thu, 20 Apr 2017 22:17:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.597
X-Spam-Level:
X-Spam-Status: No, score=-2.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=manicode-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qV8jT5QOQF-0 for <oauth@ietfa.amsl.com>; Thu, 20 Apr 2017 22:17:24 -0700 (PDT)
Received: from mail-io0-x22c.google.com (mail-io0-x22c.google.com [IPv6:2607:f8b0:4001:c06::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B5E5D124BFA for <oauth@ietf.org>; Thu, 20 Apr 2017 22:17:24 -0700 (PDT)
Received: by mail-io0-x22c.google.com with SMTP id a103so104659454ioj.1 for <oauth@ietf.org>; Thu, 20 Apr 2017 22:17:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=manicode-com.20150623.gappssmtp.com; s=20150623; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=0w1h8vlVoJCayqjTO/w1Mp67JJLvIH7oX7omvKc82Rk=; b=lto00yRgLgVfSQFAvDbr4hqLO/Aq7Fsnlr4mEfWJgahxPKgv8Rl38wQ0CHbFt1gCEC vg4WQbPXi5o8iBVULjAHiiliE5365KV/RnQ/r7kaBmuMuMyX146aPsX6zkzyDTBRmTva fqFarpgAadOvLLIJqpXc2lqMeDbZa1ht3b5tj4a3GXAPRNDA1pNUYOfr4bXPjzjfcmAj FudJ5F1mZVa9ZhWlGJsPfqdlBUmjJQpV9aDKsaROxg3Zat9ceOmi1A8y4c+uf8UlysWV onc9HrHxbihFCTPGkovTqTI/9HF0ofJPcVr8itmHNaP5LCIT+wmGJomDcqneM0hAe526 ng0Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=0w1h8vlVoJCayqjTO/w1Mp67JJLvIH7oX7omvKc82Rk=; b=DU5qtLfhOMlEOzgM3GQ1fUjyFqUT7lsR8r/NkZDY8ac22RopiLEQA2GtkzOBY+thCi I1DsOjHbX9Agtgb+qpUXOaOfvwgTcbNEnQ/ZY1Xd/YA6Zy4YUvF4LqmGpWUkZHB2NU7Y zQBRDNmb8UdgFytSNzibVC1I0a3QN4SXnAXKnXXVOUIAHyIqr0T1wHa+4Y37qFTeyJ6q RBuqRcFH90QCqeyL5fbQhD55VyfJXgLQWH4KDiy0oaFVKQEe7B18EtetRR2VwxS3Vpiz UhyYzxORBdX0jqSF4JVx6S9OQshgcVDKoR+mHzMlSiygp+SJ6iouaqZqetQeRQTFq0Oi bIRw==
X-Gm-Message-State: AN3rC/60Z+jtoRV79VvrZucmba/K5Ioaq3gJZkWmiIdSGWH75TyZjcME OTVdMeN1pjP24BTBX1tFTQ==
X-Received: by 10.98.44.142 with SMTP id s136mr10911045pfs.244.1492751842067; Thu, 20 Apr 2017 22:17:22 -0700 (PDT)
Received: from [10.67.240.225] (mobile-166-170-39-35.mycingular.net. [166.170.39.35]) by smtp.gmail.com with ESMTPSA id b74sm13323110pfl.58.2017.04.20.22.17.19 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 20 Apr 2017 22:17:21 -0700 (PDT)
Content-Type: multipart/alternative; boundary=Apple-Mail-CE543B2F-05F0-4150-A2C2-52E191D24B11
Mime-Version: 1.0 (1.0)
From: Jim Manico <jim@manicode.com>
X-Mailer: iPhone Mail (14E304)
In-Reply-To: <4ACE4772-E01B-4D9A-8AED-7926B9E87615@lodderstedt.net>
Date: Fri, 21 Apr 2017 07:17:16 +0200
Cc: "oauth@ietf.org" <oauth@ietf.org>
Content-Transfer-Encoding: 7bit
Message-Id: <7F32DADA-E665-4C1A-BD7F-244C63CE0F2C@manicode.com>
References: <ed9a8430-5c80-6be3-8b5d-1759c4218919@lodderstedt.net> <BN6PR21MB05003786286B93ECF604D923F5220@BN6PR21MB0500.namprd21.prod.outlook.com> <269DD0EC-FCBF-4691-9BAA-2B8F144C0353@lodderstedt.net> <3A9170DD-0861-478D-A9DD-9A55DC930B8D@ve7jtb.com> <4ACE4772-E01B-4D9A-8AED-7926B9E87615@lodderstedt.net>
To: Torsten Lodderstedt <torsten@lodderstedt.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/sOvjT7KVK7tId_NRrjf0KrwxBo4>
Subject: Re: [OAUTH-WG] Second OAuth Security Workshop (Call for Papers)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Apr 2017 05:17:27 -0000

I'd love to attend.

1) Can you handle remote participants?
2) Any chance you want to move this to Hawaii? I can host the work space. Seriously.

Aloha,
--
Jim Manico
@Manicode

> On Apr 20, 2017, at 7:42 PM, Torsten Lodderstedt <torsten@lodderstedt.net> wrote:
> 
> Hi all,
> 
> I'm pleased to announce the hosts managed to change the date of the security workshop to the end of the week before IETF-99, July 13-14. 
> 
> Please find the updated CfP below.
> 
> kind regards,
> Torsten.
> 
> ===============================================================================
> 
> C a l l     F o r     P a p e r s
> 
> Second OAuth Security Workshop (OSW 2017)
> 
> Zurich, Switzerland -- July 13-14, 2017 (note the changed event date)
> 
> WWW: https://zisc.ethz.ch/oauth-security-workshop-2017-cfp/
> 
> Position paper submission deadline: May 2, 2017 (AoE, UTC-12).
> 
> ===============================================================================
> 
> Overview
> 
> The OAuth Security Workshop (OSW) focuses on improving security of the
> OAuth standard and related Internet protocols. This workshop brings
> together the IETF OAuth Working Group and security experts from
> research, industry, and standardization to this end. The workshop is
> hosted by the Zurich Information Security and Privacy Center at ETH Zurich.
> 
> While the standardization process of OAuth ensures extensive reviews
> (both security and non-security related), further analysis by security
> experts from academia and industry is essential to ensure high quality
> specifications. Contributions to this workshop can help to improve the
> security of the Web and the Internet.
> 
> 
> Scope
> 
> We seek position papers related to the security of OAuth, OpenID
> Connect, and other technologies using OAuth under the hood.
> Contributions regarding technologies that are used in OAuth, such as
> JOSE, or impact the security of OAuth, such as Web technology, are also
> welcome.
> 
> 
> Important Dates
> 
> Position paper submission deadline: May 2, 2017 (AoE, UTC-12).
> Author notification: May 15, 2017.
> Registration deadline: June 16, 2017.
> Workshop: July 13 and July 14, 2017.
> 
> 
> Invited Speakers
> 
> Cas Cremers, University of Oxford
> 
> 
> Submission
> 
> We welcome position papers that describe existing work, raise new
> requirements, highlight challenges, write-ups of implementation and
> deployment experience, lessons-learned from successful or failed
> attempts, and ideas on how to improve OAuth and OAuth extensions.
> 
> Position papers submitted to the OAuth Security Workshop may report on
> (unpublished) work in progress, be submitted to other places, and may
> even have already appeared or been accepted elsewhere.
> 
> Submissions must be in PDF format and should feature reasonable margins
> and formatting. There is no page limit, but the submission should be
> brief (ideally not more than 3-5 pages). Submissions should not be
> anonymized.
> 
> Submission Website: https://easychair.org/conferences/?conf=osw17
> 
> 
> Publication and Presentation
> 
> One of the authors of the accepted position paper is expected to present
> the paper at the workshop.
> 
> All presentations and papers will be put online but there will be no
> formal proceedings. Authors of accepted papers will have the option to
> revise their papers before they are put online.
> 
> 
> IPR Policy
> 
> The workshop will have no expectation of IPR disclosure or licensing
> related to its submissions. Authors are responsible for obtaining
> appropriate publication clearances.
> 
> 
> Program Committee
> 
> Chairs
> David Basin (ETH Zurich)
> Torsten Lodderstedt (YES Europe)
> 
> Members
> John Bradley (Ping Identity)
> Ralf Küsters (University of Stuttgart)
> Chris Mitchell (Royal Holloway University of London)
> Anthony Nadalin (Microsoft)
> Nat Sakimura (Nomura Research Institute)
> Ralf Sasse (ETH Zurich)
> Jörg Schwenk (Ruhr University Bochum)
> Hannes Tschofenig (IETF OAuth Working Group Co-Chair)
> 
>> Am 13.03.2017 um 21:01 schrieb John Bradley <ve7jtb@ve7jtb.com>om>:
>> 
>> I did point out earlier when I discovered the dates, that I similarly asked for it to be later in the week.
>> It is probably fine for Europeans but it will stop many people from being able to attend including myself unless I can come up with other meetings in Europe to fill those days.
>> 
>> If we cant move it then we will have to live with it and attend or not.
>> 
>> John B.
>> 
>>> On Mar 13, 2017, at 4:46 PM, Torsten Lodderstedt <torsten@lodderstedt.net> wrote:
>>> 
>>> Hi Mike,
>>> 
>>> yes, those are the right dates. There are restrictions from the host's side, that’s why the workshop needs to take place on Monday and Tuesday. As far as I remember the host was clear about that from the beginning. 
>>> 
>>> best regards,
>>> Torsten.
>>> 
>>>> Am 12.03.2017 um 22:15 schrieb Mike Jones <Michael.Jones@microsoft.com>om>:
>>>> 
>>>> Are Monday-Tuesday, July 10-11 really the right dates?  I'm asking because IETF in Prague doesn't start until Sunday, July 16th.  That leaves 4 days dead time in between for those of us who are attending both.
>>>> 
>>>> When I was first told about this workshop, I was told that it would be sometime Wednesday-Friday that week.  Can it be moved back to those dates?  That would be a big help for those of us travelling distances to attend.
>>>> 
>>>> Or is there also another event in the Wednesday-Friday timeframe that people should also be considering attending?
>>>> 
>>>> 				Thanks,
>>>> 				-- Mike
>>>> 
>>>> -----Original Message-----
>>>> From: OAuth [mailto:oauth-bounces@ietf.org] On Behalf Of Torsten Lodderstedt
>>>> Sent: Sunday, March 12, 2017 12:28 PM
>>>> To: oauth@ietf.org
>>>> Subject: [OAUTH-WG] Second OAuth Security Workshop (Call for Papers)
>>>> 
>>>> Hi all,
>>>> 
>>>> the OAuth WG and the ETH Zurich will organize another workshop on OAuth security (after the one last year in Trier).
>>>> 
>>>> Please find the Call for Papers below.
>>>> 
>>>> kind regards,
>>>> Torsten.
>>>> 
>>>> C a l l     F o r     P a p e r s
>>>> 
>>>> Second OAuth Security Workshop (OSW 2017)
>>>> 
>>>> Zurich, Switzerland -- July 10-11, 2017
>>>> 
>>>> WWW:https://zisc.ethz.ch/oauth-security-workshop-2017-cfp/
>>>> 
>>>> ===============================================================================
>>>> 
>>>> Overview
>>>> 
>>>> The OAuth Security Workshop (OSW) focuses on improving security of the OAuth standard and related Internet protocols. This workshop brings together the IETF OAuth Working Group and security experts from research, industry, and standardization to this end. The workshop is hosted by the Zurich Information Security and Privacy Center at ETH Zurich.
>>>> 
>>>> While the standardization process of OAuth ensures extensive reviews (both security and non-security related), further analysis by security experts from academia and industry is essential to ensure high quality specifications. Contributions to this workshop can help to improve the security of the Web and the Internet.
>>>> 
>>>> 
>>>> Scope
>>>> 
>>>> We seek position papers related to the security of OAuth, OpenID Connect, and other technologies using OAuth under the hood.
>>>> Contributions regarding technologies that are used in OAuth, such as JOSE, or impact the security of OAuth, such as Web technology, are also welcome.
>>>> 
>>>> 
>>>> Important Dates
>>>> 
>>>> Position paper submission deadline: May 2, 2017 (AoE, UTC-12).
>>>> Author notification: May 15, 2017.
>>>> Registration deadline: June 16, 2017.
>>>> Workshop: July 10 and July 11, 2017.
>>>> 
>>>> 
>>>> Invited Speakers
>>>> 
>>>> Cas Cremers, University of Oxford
>>>> 
>>>> 
>>>> Submission
>>>> 
>>>> We welcome position papers that describe existing work, raise new requirements, highlight challenges, write-ups of implementation and deployment experience, lessons-learned from successful or failed attempts, and ideas on how to improve OAuth and OAuth extensions.
>>>> 
>>>> Position papers submitted to the OAuth Security Workshop may report on
>>>> (unpublished) work in progress, be submitted to other places, and may even have already appeared or been accepted elsewhere.
>>>> 
>>>> Submissions must be in PDF format and should feature reasonable margins and formatting. There is no page limit, but the submission should be brief (ideally not more than 3-5 pages). Submissions should not be anonymized.
>>>> 
>>>> Submission Website:https://easychair.org/conferences/?conf=osw17
>>>> 
>>>> 
>>>> Publication and Presentation
>>>> 
>>>> One of the authors of the accepted position paper is expected to present the paper at the workshop.
>>>> 
>>>> All presentations and papers will be put online but there will be no formal proceedings. Authors of accepted papers will have the option to revise their papers before they are put online.
>>>> 
>>>> 
>>>> IPR Policy
>>>> 
>>>> The workshop will have no expectation of IPR disclosure or licensing related to its submissions. Authors are responsible for obtaining appropriate publication clearances.
>>>> 
>>>> 
>>>> Program Committee
>>>> 
>>>> Chairs
>>>> David Basin (ETH Zurich)
>>>> Torsten Lodderstedt (YES Europe)
>>>> 
>>>> Members
>>>> John Bradley (Ping Identity)
>>>> Ralf Küsters (University of Stuttgart)
>>>> Chris Mitchell (Royal Holloway University of London) Anthony Nadalin (Microsoft) Nat Sakimura (Nomura Research Institute) Ralf Sasse (ETH Zurich) Jörg Schwenk (Ruhr University Bochum) Hannes Tschofenig (IETF OAuth Working Group Co-Chair)
>>>> 
>>>> _______________________________________________
>>>> OAuth mailing list
>>>> OAuth@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/oauth
>>> 
>>> _______________________________________________
>>> OAuth mailing list
>>> OAuth@ietf.org
>>> https://www.ietf.org/mailman/listinfo/oauth
>> 
> 
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth