Re: [OAUTH-WG] OAuth & Authentication: What can go wrong?
Torsten Lodderstedt <torsten@lodderstedt.net> Fri, 12 September 2014 07:05 UTC
Return-Path: <torsten@lodderstedt.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 536611A0662 for <oauth@ietfa.amsl.com>; Fri, 12 Sep 2014 00:05:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.904
X-Spam-Level:
X-Spam-Status: No, score=0.904 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FRT_ADOBE2=2.455, HELO_EQ_DE=0.35, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fSg1OEGMsnJr for <oauth@ietfa.amsl.com>; Fri, 12 Sep 2014 00:05:52 -0700 (PDT)
Received: from smtprelay06.ispgateway.de (smtprelay06.ispgateway.de [80.67.31.102]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6184B1A0574 for <oauth@ietf.org>; Fri, 12 Sep 2014 00:05:51 -0700 (PDT)
Received: from [88.128.80.141] (helo=[10.227.187.73]) by smtprelay06.ispgateway.de with esmtpsa (TLSv1:RC4-MD5:128) (Exim 4.68) (envelope-from <torsten@lodderstedt.net>) id 1XSKvS-0000pA-0s; Fri, 12 Sep 2014 09:05:46 +0200
Date: Fri, 12 Sep 2014 09:05:41 +0200
Message-ID: <q7x8m6oues8tds05elkrec9p.1410505541367@email.android.com>
Importance: normal
From: Torsten Lodderstedt <torsten@lodderstedt.net>
To: "Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com>, Antonio Sanso <asanso@adobe.com>, Gil Kirkpatrick <gil.kirkpatrick@viewds.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="--_com.android.email_865368721331240"
X-Df-Sender: dG9yc3RlbkBsb2RkZXJzdGVkdC5uZXQ=
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/uLvyrvWhmriDFBGidKcZKTLLr-4
Cc: Derek Atkins <derek@ihtfp.com>, "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] OAuth & Authentication: What can go wrong?
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Sep 2014 07:05:54 -0000
me too <div>-------- Ursprüngliche Nachricht --------</div><div>Von: "Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com> </div><div>Datum:12.09.2014 08:50 (GMT+01:00) </div><div>An: Antonio Sanso <asanso@adobe.com>, Gil Kirkpatrick <gil.kirkpatrick@viewds.com> </div><div>Cc: Derek Atkins <derek@ihtfp.com>, oauth@ietf.org </div><div>Betreff: Re: [OAUTH-WG] OAuth & Authentication: What can go wrong? </div><div> </div>And me. -Tiru From: OAuth [mailto:oauth-bounces@ietf.org] On Behalf Of Antonio Sanso Sent: Friday, September 12, 2014 12:20 PM To: Gil Kirkpatrick Cc: Derek Atkins; oauth@ietf.org Subject: Re: [OAUTH-WG] OAuth & Authentication: What can go wrong? I would like to attend as well … regards antonio On Sep 12, 2014, at 3:00 AM, Gil Kirkpatrick <gil.kirkpatrick@viewds.com> wrote: +1 for me. ------ Original Message ------ From: "John Bradley" <ve7jtb@ve7jtb.com> To: "Nat Sakimura" <sakimura@gmail.com> Cc: "Derek Atkins" <derek@ihtfp.com>; "oauth@ietf.org" <oauth@ietf.org> Sent: 12/09/2014 9:30:50 AM Subject: Re: [OAUTH-WG] OAuth & Authentication: What can go wrong? And me Sent from my iPhone On Sep 11, 2014, at 7:49 PM, Nat Sakimura <sakimura@gmail.com> wrote: Add me, too. 2014-09-12 7:32 GMT+09:00 Anthony Nadalin <tonynad@microsoft.com>: Add me -----Original Message----- From: OAuth [mailto:oauth-bounces@ietf.org] On Behalf Of Hannes Tschofenig Sent: Thursday, September 11, 2014 3:30 PM To: oauth@ietf.org Cc: Derek Atkins Subject: [OAUTH-WG] OAuth & Authentication: What can go wrong? Hi all, at the last IETF meeting Mike gave a presentation about the draft-hunt-oauth-v2-user-a4c and the conclusion following the discussion was to discuss the problems that happen when OAuth gets used for authentication. The goal of this effort is to document the problems in an informational document. Conference calls could start in about 2 weeks and we would like to know who would be interested to participate in such a discussion. Please drop us a private mail so that we can find suitable dates/times. Ciao Hannes & Derek _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth -- Nat Sakimura (=nat) Chairman, OpenID Foundation http://nat.sakimura.org/ @_nat_en _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
- [OAUTH-WG] OAuth & Authentication: What can go wr… Hannes Tschofenig
- Re: [OAUTH-WG] OAuth & Authentication: What can g… Anthony Nadalin
- Re: [OAUTH-WG] OAuth & Authentication: What can g… Nat Sakimura
- Re: [OAUTH-WG] OAuth & Authentication: What can g… Phil Hunt
- Re: [OAUTH-WG] OAuth & Authentication: What can g… John Bradley
- Re: [OAUTH-WG] OAuth & Authentication: What can g… Gil Kirkpatrick
- Re: [OAUTH-WG] OAuth & Authentication: What can g… Antonio Sanso
- Re: [OAUTH-WG] OAuth & Authentication: What can g… Tirumaleswar Reddy (tireddy)
- Re: [OAUTH-WG] OAuth & Authentication: What can g… Torsten Lodderstedt