Re: [OAUTH-WG] Weekly github digest (OAuth Activity Summary)
Aaron Parecki <aaron@parecki.com> Mon, 05 February 2024 23:07 UTC
Return-Path: <aaron@parecki.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 11CCCC14F6BA for <oauth@ietfa.amsl.com>; Mon, 5 Feb 2024 15:07:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=parecki.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ibOv1wnynWJV for <oauth@ietfa.amsl.com>; Mon, 5 Feb 2024 15:07:48 -0800 (PST)
Received: from mail-vk1-xa30.google.com (mail-vk1-xa30.google.com [IPv6:2607:f8b0:4864:20::a30]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 58E9EC14F601 for <oauth@ietf.org>; Mon, 5 Feb 2024 15:07:48 -0800 (PST)
Received: by mail-vk1-xa30.google.com with SMTP id 71dfb90a1353d-4c02dfa01a8so391548e0c.1 for <oauth@ietf.org>; Mon, 05 Feb 2024 15:07:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=parecki.com; s=google; t=1707174466; x=1707779266; darn=ietf.org; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=w6uDmZ2yw+88Vso2LzdDuhjx7Y3EhPF5joR3klG0joo=; b=FymJjS5qEs4rQfU3uRgK8zZF1o3FqDfqPObqQKAFso9N/J4LsV64jPBtimbq/gK5eL wKmpQPoEOfmgZVaoq7a4RA4v/KOtyKOJQ7qJ1LJKkCtuDvInmOgmQUIIHhNVmg5iT2aT igW34LWNU6VlJzed5Ja5rp6EeMYBHTUXBJ+XC5eFFi+J21PFsr/y9cSittPCh+Os9SM+ vIqgs26mfG24ZRlOqTLd5itGTvw9pOTZ5abG8XM39qbcJDYh/zCvxNCrOGDLZP0LhEVX oMiBEy0ql3rRapzfDI+RJrDdfkSfMqkpYN1NGPpjNBieOus2ykynLsGPignvAR5r1qXG WCvA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707174466; x=1707779266; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=w6uDmZ2yw+88Vso2LzdDuhjx7Y3EhPF5joR3klG0joo=; b=QYUWGcxKsejNiJQ18574cqxhO5aKed8CJLhPh8AHERRTfhQ1nwDo1fvTgIDaV2ScGC GIeyGWtgAYvUay+hCbLvaaY8NQoxR8PE/5HtVEMyPVn1o95yE7yKM6iou3QOX/w9S7jK KDjG0Ag35w63eLQB0qe83m1FAJfvb+aqDj4gWa/7YhLXDN464gzN4DX1Vo4XsUwO50Qa 0p1/hEKV3LoO9OEGMepX0e8yyUtnRl6e+beuZxaOcjBbhaKTjUCwrRsj9LZDGI6k1Eb8 kdhYkYGiVivGUPhkjQcY2Eak6E6xxcYObeIo/G/1L/Pt2inp1ag1AjAliYlEX4HpXNsK Sagw==
X-Gm-Message-State: AOJu0YyLaYAHWhp4VNuIcqF7CdQ1yqZztXfMKDmhhs9hQMbL5D/ndy5E kTjG2XywZgpV5gjkFX3XrJShAw06hxA41mfHmMxqluYPDldPG54YwHFAGZNbyysDc8fbg3D5yAc =
X-Google-Smtp-Source: AGHT+IEPbmh6Xp8pbLka9c5a1eDu0jAdLagLh1VjTXJd7nBasUqQehkbtBOjsG3e0OWRQvXk1WWsKg==
X-Received: by 2002:ac5:c5ca:0:b0:4b6:aeb7:3f1d with SMTP id g10-20020ac5c5ca000000b004b6aeb73f1dmr325352vkl.9.1707174466252; Mon, 05 Feb 2024 15:07:46 -0800 (PST)
Received: from mail-ua1-f49.google.com (mail-ua1-f49.google.com. [209.85.222.49]) by smtp.gmail.com with ESMTPSA id az25-20020a0561220d1900b004c0091c7630sm141390vkb.53.2024.02.05.15.07.45 for <oauth@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 05 Feb 2024 15:07:45 -0800 (PST)
Received: by mail-ua1-f49.google.com with SMTP id a1e0cc1a2514c-7d5bbbe57b9so2050624241.3 for <oauth@ietf.org>; Mon, 05 Feb 2024 15:07:45 -0800 (PST)
X-Received: by 2002:a05:6122:12e1:b0:4c0:37a4:dbbd with SMTP id k1-20020a05612212e100b004c037a4dbbdmr307508vkp.13.1707174465294; Mon, 05 Feb 2024 15:07:45 -0800 (PST)
MIME-Version: 1.0
References: <20240204073941.4207EC14CEFC@ietfa.amsl.com>
In-Reply-To: <20240204073941.4207EC14CEFC@ietfa.amsl.com>
From: Aaron Parecki <aaron@parecki.com>
Date: Mon, 05 Feb 2024 15:07:34 -0800
X-Gmail-Original-Message-ID: <CAGBSGjoXE7FVdz8c70wgHAJsEDE=t0T7eUamGd+dj7Bf4kNQvQ@mail.gmail.com>
Message-ID: <CAGBSGjoXE7FVdz8c70wgHAJsEDE=t0T7eUamGd+dj7Bf4kNQvQ@mail.gmail.com>
To: OAuth WG <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000092e5a10610aa87a2"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/vJRgvknwDCfIf02zvx_LcFugUj4>
Subject: Re: [OAUTH-WG] Weekly github digest (OAuth Activity Summary)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Feb 2024 23:07:53 -0000
Happy Monday! I just added several OAuth GitHub repos to the IETF tools that send out this weekly digest about activity on GitHub. I hope this helps everyone become more aware of the activity in the group. If you have an adopted draft on GitHub that isn't part of this list, get in touch with me and we can get it added too. Thanks! Aaron On Sat, Feb 3, 2024 at 11:40 PM Repository Activity Summary Bot <do_not_reply=40mnot.net@dmarc.ietf.org> wrote: > Sunday February 04, 2024 > > Events without label "editorial" > Issues oauth-wg/oauth-identity-chaining (+0/-4/💬5) > > 5 issues received 5 new comments: > > - #69 Add Aaron Parecki to acknowledgements section > <https://github.com/oauth-wg/oauth-identity-chaining/issues/69> (1 by > bc-pi) > - #67 Change spec name to focus on Authz > <https://github.com/oauth-wg/oauth-identity-chaining/issues/67> (1 by > bc-pi) > - #61 authorization grant type can't be the same as the issued token > type <https://github.com/oauth-wg/oauth-identity-chaining/issues/61> > (1 by bc-pi) > - #60 example response missing issued_token_type > <https://github.com/oauth-wg/oauth-identity-chaining/issues/60> (1 by > bc-pi) > - #45 Consider limiting token formats to JWT > <https://github.com/oauth-wg/oauth-identity-chaining/issues/45> (1 by > bc-pi) > > 4 issues closed: > > - #69 Add Aaron Parecki to acknowledgements section > <https://github.com/oauth-wg/oauth-identity-chaining/issues/69> > - #61 authorization grant type can't be the same as the issued token > type <https://github.com/oauth-wg/oauth-identity-chaining/issues/61> > - #60 example response missing issued_token_type > <https://github.com/oauth-wg/oauth-identity-chaining/issues/60> > - #45 Consider limiting token formats to JWT > <https://github.com/oauth-wg/oauth-identity-chaining/issues/45> > > oauth-wg/oauth-transaction-tokens (+2/-11/💬22) > > 2 issues created: > > - #69 Do we still need replacement transaction tokens. > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/69> (by > PieterKas) > - #66 Trust domain/audience claim format URI or StringOrUri? > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/66> (by > obfuscoder) > > 9 issues received 22 new comments: > > - #69 Do we still need replacement transaction tokens. > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/69> (1 by > PieterKas) > - #63 audience REQUIRED for just one trust domain? > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/63> (4 by > gffletch, obfuscoder, tulshi) > - #62 Long-living Access Token needed for internal batch > processes/offline tasks? > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/62> (4 by > gffletch, obfuscoder, tulshi) > - #58 Authorization details presentation and processing > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/58> (1 by > tulshi) PR57 > - #56 RFC 9493 and sub_id formats > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/56> (3 by > obfuscoder, tulshi) PR57 > - #53 Transaction Tokens for S2S calls > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/53> (5 by > dteleguin, obfuscoder, tulshi) > - #52 Should the azd claim be mandatory or optional > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/52> (1 by > tulshi) pre-adoption > - #35 How do internal services authorize the Transaction Tokens? > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/35> (2 by > obfuscoder, tulshi) > - #21 Txt token Header > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/21> (1 by > obfuscoder) > > 11 issues closed: > > - #66 Trust domain/audience claim format URI or StringOrUri? > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/66> > - #63 audience REQUIRED for just one trust domain? > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/63> > - #48 "sender constrained" language needs improvement > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/48> > - #21 Txt token Header > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/21> > - #35 How do internal services authorize the Transaction Tokens? > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/35> > - #56 RFC 9493 and sub_id formats > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/56> PR57 > - #52 Should the azd claim be mandatory or optional > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/52> > pre-adoption > - #58 Authorization details presentation and processing > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/58> PR57 > - #60 Use of `actor_token` and `actor_token_type` > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/60> PR57 > - #61 How is the `purp` claim of the Txn-Token defined? > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/61> PR57 > - #49 Using Txn-Tokens securely > <https://github.com/oauth-wg/oauth-transaction-tokens/issues/49> > pre-adoption > > oauth-wg/oauth-sd-jwt-vc (+1/-0/💬3) > > 1 issues created: > > - #203 metadata path description > <https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/203> (by c2bo) > > 1 issues received 3 new comments: > > - #203 metadata path description > <https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/203> (3 by bc-pi) > > Pull requests oauth-wg/oauth-identity-chaining (+3/-4/💬1) > > 3 pull requests submitted: > > - #74 use more specific term "JWT authorization grant" > <https://github.com/oauth-wg/oauth-identity-chaining/pull/74> (by > aaronpk) > - #73 Renamed the "Authorization Grant" header to "Access Token > Request" <https://github.com/oauth-wg/oauth-identity-chaining/pull/73> > (by aaronpk) > - #72 limit authorization grant format to RFC7523 JWT > <https://github.com/oauth-wg/oauth-identity-chaining/pull/72> (by > bc-pi) > > 1 pull requests received 1 new comments: > > - #73 Renamed the "Authorization Grant" header to "Access Token > Request" <https://github.com/oauth-wg/oauth-identity-chaining/pull/73> > (1 by aaronpk) > > 4 pull requests merged: > > - #74 use more specific term "JWT authorization grant" > <https://github.com/oauth-wg/oauth-identity-chaining/pull/74> > - #73 More specific headers > <https://github.com/oauth-wg/oauth-identity-chaining/pull/73> > - #71 Added acknowledgement for Aaron Parecki > <https://github.com/oauth-wg/oauth-identity-chaining/pull/71> > - #72 limit authorization grant format to RFC7523 JWT > <https://github.com/oauth-wg/oauth-identity-chaining/pull/72> > > oauth-wg/oauth-transaction-tokens (+4/-5/💬0) > > 4 pull requests submitted: > > - #70 clarified that aud claim should have the same format as in the > JWT spec <https://github.com/oauth-wg/oauth-transaction-tokens/pull/70> > (by tulshi) > - #68 removed sender constrained text as discussed on 12/08 > <https://github.com/oauth-wg/oauth-transaction-tokens/pull/68> (by > tulshi) > - #67 Clarify and align audience claim value format > <https://github.com/oauth-wg/oauth-transaction-tokens/pull/67> (by > obfuscoder) > - #65 updated HTTP reference > <https://github.com/oauth-wg/oauth-transaction-tokens/pull/65> (by > tulshi) > > 5 pull requests merged: > > - #70 clarified that aud claim should have the same format as in the > JWT spec <https://github.com/oauth-wg/oauth-transaction-tokens/pull/70> > - #68 removed sender constrained text as discussed on 12/08 > <https://github.com/oauth-wg/oauth-transaction-tokens/pull/68> > - #65 updated HTTP reference > <https://github.com/oauth-wg/oauth-transaction-tokens/pull/65> > - #57 Token exchange profile update > <https://github.com/oauth-wg/oauth-transaction-tokens/pull/57> > - #64 Add header > <https://github.com/oauth-wg/oauth-transaction-tokens/pull/64> > > oauth-wg/oauth-sd-jwt-vc (+1/-0/💬0) > > 1 pull requests submitted: > > - #204 Fix inconstancy in the well-known path construction > <https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/204> (by bc-pi) > > oauth-wg/draft-ietf-oauth-resource-metadata (+0/-1/💬0) > > 1 pull requests merged: > > - #22 fix bearer_methods_supported > <https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/pull/22> > > Repositories tracked by this digest: > > - https://github.com/oauth-wg/oauth-browser-based-apps > - https://github.com/oauth-wg/oauth-identity-chaining > - https://github.com/oauth-wg/oauth-transaction-tokens > - https://github.com/oauth-wg/oauth-sd-jwt-vc > - https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata > - https://github.com/oauth-wg/oauth-cross-device-security > - https://github.com/oauth-wg/oauth-selective-disclosure-jwt > - https://github.com/oauth-wg/oauth-v2-1 > - https://github.com/oauth-wg/oauth-browser-based-apps > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >
- [OAUTH-WG] Weekly github digest (OAuth Activity S… Repository Activity Summary Bot
- Re: [OAUTH-WG] Weekly github digest (OAuth Activi… Aaron Parecki