IETF Logo Mail Archive

Re: [OAUTH-WG] Implementing MAC bearer

Erlend Hamnaberg <ngarthl@gmail.com> Thu, 09 February 2012 08:11 UTC

Return-Path: <ngarthl@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4FFF221F8592 for <oauth@ietfa.amsl.com>; Thu, 9 Feb 2012 00:11:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.525
X-Spam-Level:
X-Spam-Status: No, score=-3.525 tagged_above=-999 required=5 tests=[AWL=0.073, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hrSgEldk+O3Y for <oauth@ietfa.amsl.com>; Thu, 9 Feb 2012 00:11:31 -0800 (PST)
Received: from mail-tul01m020-f172.google.com (mail-tul01m020-f172.google.com [209.85.214.172]) by ietfa.amsl.com (Postfix) with ESMTP id 9D3F221F85AA for <OAuth@ietf.org>; Thu, 9 Feb 2012 00:11:30 -0800 (PST)
Received: by obbwd15 with SMTP id wd15so2380488obb.31 for <OAuth@ietf.org>; Thu, 09 Feb 2012 00:11:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=uLp10g/KGFlt5xNXxRbefi7kh+Y08IL4odxM3sEYXLQ=; b=iof5Wb0CUKYsFfQunhNfoc94wbNnvf59WumWtKNa0zOvYckhDZlJ0MN37u4QSf5QXz aExH05vHn4Xn89gW+ywgPmMyPOVnrQLnXGtBMBAQzBZ9RmWxJMnwm+LNHeq1dnVI2it6 1flWcfz4rX0M8YYWfMAo+FjWfD3TeBS+epVBU=
MIME-Version: 1.0
Received: by 10.182.2.135 with SMTP id 7mr650454obu.78.1328775090178; Thu, 09 Feb 2012 00:11:30 -0800 (PST)
Received: by 10.182.117.70 with HTTP; Thu, 9 Feb 2012 00:11:30 -0800 (PST)
In-Reply-To: <90C41DD21FB7C64BB94121FBBC2E723453AADDD47B@P3PW5EX1MB01.EX1.SECURESERVER.NET>
References: <CAKj3E3b7kok_uoKRWxNox8BPLgPqDYuvWu2sNSbi6y6j=sHs1g@mail.gmail.com> <90C41DD21FB7C64BB94121FBBC2E723453AADDD47B@P3PW5EX1MB01.EX1.SECURESERVER.NET>
Date: Thu, 09 Feb 2012 09:11:30 +0100
Message-ID: <CAKj3E3Z6qDRxXnS4u8M-Uj5f1NjwNhzK6=-9vwn92S-Gs1eXnA@mail.gmail.com>
From: Erlend Hamnaberg <ngarthl@gmail.com>
To: Eran Hammer <eran@hueniverse.com>
Content-Type: multipart/alternative; boundary="f46d044519e33c8af904b8838f92"
Cc: "OAuth@ietf.org" <OAuth@ietf.org>
Subject: Re: [OAUTH-WG] Implementing MAC bearer
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Feb 2012 08:11:33 -0000

Great. Thanks.

One question:
 Is it possible to use mac tokens in a non-OAuth setting?

How would a UA get the MAC id and algorithm then?

The old spec had a version where you could use Cookies to do this.

Is there a reason why this couldn't work as with Digest authentication?

-E

On Wed, Feb 8, 2012 at 11:59 PM, Eran Hammer <eran@hueniverse.com> wrote:

> New draft:****
>
> ** **
>
> http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-01****
>
> ** **
>
> EH****
>
> ** **
>
> ** **
>
> *From:* oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] *On Behalf
> Of *Erlend Hamnaberg
> *Sent:* Tuesday, February 07, 2012 11:02 AM
> *To:* OAuth@ietf.org
>
> *Subject:* [OAUTH-WG] Implementing MAC bearer****
>
> ** **
>
> Hi guys and gals.****
>
> ** **
>
> I am trying to implement the MAC bearer within a client library.****
>
> ** **
>
> Searching the Archive I find that the current draft version of the MAC
> bearer is incorrect.****
>
> ** **
>
> For instance the body-hash is no longer supported. Is there a new draft
> planned soon?****
>
> For implementers there would be great help in more examples. ****
>
> That way we can write test cases which conforms to the spec more easily.**
> **
>
> ** **
>
> Best regards****
>
> ** **
>
> Erlend****
>

v2.23.0 | Report a Bug | By Email