[OAUTH-WG] FW: [W3C Web Crypto WG - Information] IETF seeking review on oauth-v2-bearer draft specification
Mike Jones <Michael.Jones@microsoft.com> Mon, 18 June 2012 19:32 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 68CD911E8089 for <oauth@ietfa.amsl.com>; Mon, 18 Jun 2012 12:32:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.839
X-Spam-Level:
X-Spam-Status: No, score=-3.839 tagged_above=-999 required=5 tests=[AWL=-0.240, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Xr0DnkJ2H4BR for <oauth@ietfa.amsl.com>; Mon, 18 Jun 2012 12:32:46 -0700 (PDT)
Received: from am1outboundpool.messaging.microsoft.com (am1ehsobe004.messaging.microsoft.com [213.199.154.207]) by ietfa.amsl.com (Postfix) with ESMTP id 319CF21F86B8 for <oauth@ietf.org>; Mon, 18 Jun 2012 12:32:46 -0700 (PDT)
Received: from mail92-am1-R.bigfish.com (10.3.201.225) by AM1EHSOBE006.bigfish.com (10.3.204.26) with Microsoft SMTP Server id 14.1.225.23; Mon, 18 Jun 2012 19:31:26 +0000
Received: from mail92-am1 (localhost [127.0.0.1]) by mail92-am1-R.bigfish.com (Postfix) with ESMTP id D2D061C0378; Mon, 18 Jun 2012 19:31:25 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14HUBC107.redmond.corp.microsoft.com; RD:none; EFVD:NLI
X-SpamScore: -31
X-BigFish: VS-31(zz9371I1b0bM542Mzz1202hzz1033IL8275dhz2fh2a8h668h839h944hd25hf0ah)
Received-SPF: pass (mail92-am1: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=Michael.Jones@microsoft.com; helo=TK5EX14HUBC107.redmond.corp.microsoft.com ; icrosoft.com ;
Received: from mail92-am1 (localhost.localdomain [127.0.0.1]) by mail92-am1 (MessageSwitch) id 1340047883116910_29502; Mon, 18 Jun 2012 19:31:23 +0000 (UTC)
Received: from AM1EHSMHS010.bigfish.com (unknown [10.3.201.243]) by mail92-am1.bigfish.com (Postfix) with ESMTP id 1A54B220047; Mon, 18 Jun 2012 19:31:23 +0000 (UTC)
Received: from TK5EX14HUBC107.redmond.corp.microsoft.com (131.107.125.8) by AM1EHSMHS010.bigfish.com (10.3.207.110) with Microsoft SMTP Server (TLS) id 14.1.225.23; Mon, 18 Jun 2012 19:31:22 +0000
Received: from TK5EX14MBXC283.redmond.corp.microsoft.com ([169.254.2.53]) by TK5EX14HUBC107.redmond.corp.microsoft.com ([157.54.80.67]) with mapi id 14.02.0309.003; Mon, 18 Jun 2012 19:32:37 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Thread-Topic: [W3C Web Crypto WG - Information] IETF seeking review on oauth-v2-bearer draft specification
Thread-Index: Ac1NiRcSEeOui+ZrRSGN5WY6EED9BQ==
Date: Mon, 18 Jun 2012 19:32:35 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739436655A051@TK5EX14MBXC283.redmond.corp.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.70]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
Cc: Pete Resnick <presnick@qualcomm.com>, Mark Nottingham <mnot@mnot.net>, "oauth@ietf.org" <oauth@ietf.org>, Thomas Roessler <tlr@w3.org>
Subject: [OAUTH-WG] FW: [W3C Web Crypto WG - Information] IETF seeking review on oauth-v2-bearer draft specification
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Jun 2012 19:32:47 -0000
FYI, per the forwarded note below, at least the W3C WebCrypto WG was informed last week of the request to review the URI Query Parameter text (Section 2.3) of the OAuth Bearer spec. I've learned of no feedback to date. -- Mike -----Original Message----- From: GALINDO Virginie [mailto:Virginie.GALINDO@gemalto.com] Sent: Wednesday, June 13, 2012 9:53 AM To: public-webcrypto@w3.org Cc: Thomas Roessler Subject: RE: [W3C Web Crypto WG - Information] IETF seeking review on oauth-v2-bearer draft specification Dear all, As highlighted by Thomas, IETF is seeking special advices, on the aspect of using the access token in the request URI query component, as described in section 2.3. Regards, Virginie -----Original Message----- From: GALINDO Virginie Sent: mercredi 13 juin 2012 15:54 To: public-webcrypto@w3.org Cc: Thomas Roessler Subject: [W3C Web Crypto WG - Information] IETF seeking review on oauth-v2-bearer draft specification Dear all, This is to inform you that IETF is currently reviewing its OAuth 2.0 bearer token usage [1], covering the way OAuth tokens are used in HTPP requests to access protected resources. This topic is out of scope at the moment but may be a use case for secondary features. In case you have specific comments to share with the editors, you can direct it to IETF or to Thomas Roessler (CC) who is liaising with IETF. Regards, Virginie gemalto [1] https://datatracker.ietf.org/doc/draft-ietf-oauth-v2-bearer/