Re: [OAUTH-WG] implementations of draft-ietf-oauth-proof-of-possession

Hannes Tschofenig <hannes.tschofenig@gmx.net> Thu, 17 December 2015 16:12 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6CC6F1B2F23 for <oauth@ietfa.amsl.com>; Thu, 17 Dec 2015 08:12:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.61
X-Spam-Level:
X-Spam-Status: No, score=-2.61 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mxxqu1xiXAjN for <oauth@ietfa.amsl.com>; Thu, 17 Dec 2015 08:12:12 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6BE3A1B2F20 for <oauth@ietf.org>; Thu, 17 Dec 2015 08:12:11 -0800 (PST)
Received: from [192.168.10.142] ([93.216.71.75]) by mail.gmx.com (mrgmx001) with ESMTPSA (Nemesis) id 0M4GRv-1aQiKy3lbf-00rs7Y for <oauth@ietf.org>; Thu, 17 Dec 2015 17:12:09 +0100
To: oauth@ietf.org
References: <CAHbuEH49MaQmi1+3hxOeMd=hpim2KOn0rNDRpOBmt_oCYsCfHQ@mail.gmail.com>
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Openpgp: id=071A97A9ECBADCA8E31E678554D9CEEF4D776BC9
Message-ID: <5672DED4.2070104@gmx.net>
Date: Thu, 17 Dec 2015 17:12:04 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0
MIME-Version: 1.0
In-Reply-To: <CAHbuEH49MaQmi1+3hxOeMd=hpim2KOn0rNDRpOBmt_oCYsCfHQ@mail.gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="xdOwVMhfqrd8REXcSKTrbc6R26OwlQ7D6"
X-Provags-ID: V03:K0:+sYgG8lDmyWqxy0sE286ELNfINaVvWpWN7kiJfVsEsgGLfQE6Q0 7v5u02ylG17OUI93BdwOrXsDg6D1YLd1NnLQ6wAFAOgaZNWleCi1jIEQyQXP1uqqcXvyKR9 sn1lGN3mfzC2IrBGL5qv+MAw8Rz6N1sTJ8ht5DSKohcmmrfylA3XPOZpKsKP5D61XmCtMz7 vWL4vkStd7sJcqJsFErUA==
X-UI-Out-Filterresults: notjunk:1;V01:K0:KxnGXJ1S+c4=:eurVKK12uuGXbvtG9r6gWx 2aq6o+MecrWAvk0H2mQdUUyFByp73GjXYkwtaifAMaQgh2SoPEkOxUu83KIJQ/WCgQ+cU932u QCfCx3w+9DpwGbQZHW/mOElOEnaYY1VHLHiqIAyDO2kWgbq23PdduBNfVxsU7mhYnzUyvje9X 9qK4cvZOW+HR7DYJS8FdXVMWxaA947VLlZUIOxpawh09J8kE1SAOw0uVlHnj4p/j5HjhJG6+W IGd7seLwD5j+7jhWMI851L78J86N99jMn/e2W2U+pDAkarDxVUqdvyqfipIL585pTarugfAmj dy3+N544iMUqhDRMY5lyoufvn9wcTS8NpkZRqPff5zT7iV3dDVUvnigeUAWJKU/KK2k3zed9b A+QjfaTlUCOrAyaEHtOcOwLIPApj9F42fY1rZbrNtvUeaMXNbRP2794DRb/IBv5nGZAHJ/nAO bPjrhTk8g77obYiA6KdU9gtxR9xCA8A0smGOA0oaTFGsHeALhxURuiVfn1X928wOmhs8kW9NF XSXWAlVqmOb7WvA1jVbxHRyRybAjltACuOv1IeIwvwCwCSSqWs6Va8iKNtBARgksU8TmwtIi8 D+KRlCKsRAWyZ4VVSX32WLt2SWsCZBeQnW+8JVHYrUz1uKxfQZsb9ttAeV4w7AmWB0G89zS2Q o/npM8ieqKFt4/EWOSVb6Jpaclq0W200mq/FqCiChdHWeOifuv/R6+MqaET1ShMnTZN69plBu uVCQwjhFDmWX+TtgVy+88hIAQsAs2DqZIvgHQBAJlzuzGF9MTQiTeLGrI50=
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/yiP3_H36YtbnNiCaKoq3J3Z-3OI>
Subject: Re: [OAUTH-WG] implementations of draft-ietf-oauth-proof-of-possession
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Dec 2015 16:12:13 -0000

Samuel and I had been working on a prototype implementation of the PoP
tokens for an IoT scenario, which we showed at ARM TechCon. It used the
JWT (instead of the CBOR-encoded version of the JWT since we had JOSE
code available).

Our version used symmetric key cryptography.

Roland Hedberg also mentioned to me that one person from his group
implemented the PoP token functionality and also the functionality
outlined in draft-ietf-oauth-proof-of-possession.

Ciao
Hannes

On 12/14/2015 04:13 AM, Kathleen Moriarty wrote:
> Hi,
> 
> Are there any implementations of  draft-ietf-oauth-proof-of-possession?
> 
> Thanks!
>