IETF Logo Mail Archive

Re: [Txauth] alternative charter writeup

Dick Hardt <dick.hardt@gmail.com> Thu, 16 January 2020 23:21 UTC

Return-Path: <dick.hardt@gmail.com>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C2C5120802 for <txauth@ietfa.amsl.com>; Thu, 16 Jan 2020 15:21:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.996
X-Spam-Level:
X-Spam-Status: No, score=-1.996 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xdNox7bRv1of for <txauth@ietfa.amsl.com>; Thu, 16 Jan 2020 15:21:39 -0800 (PST)
Received: from mail-lj1-x244.google.com (mail-lj1-x244.google.com [IPv6:2a00:1450:4864:20::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 19E9B12081A for <txauth@ietf.org>; Thu, 16 Jan 2020 15:21:39 -0800 (PST)
Received: by mail-lj1-x244.google.com with SMTP id r19so24479368ljg.3 for <txauth@ietf.org>; Thu, 16 Jan 2020 15:21:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=H3nxSl/pIKNbOubsOnOZZrmNhMwLUDHJV9213gjXrvI=; b=BUOQWoyrAY67kXjz9ijL2yx672TY7A8ZlHtO8Zh2jrxuq436riSvjFerTvdFuosbMN C+2zoEUtvq7ywWynLBjK0FgFqkH93caeTnT9CG9UGy8jH2zOGDARbL8dMo9mJXvt+uXc qJasu4kD5y8bKE2V9vO2kIXBUTwfAvBIjfLUfnak1le67D3eXAA1iGb5rkLNHHcRtIIb PfeCxGTF7FupfZRycs+TyeZ4yRlOX8sH/6GDW2e15PMwTI7xeuUQcYlFD7mCQPX64KDf 30Df0VxDfOgukwe35UYgLMs/ZnO1VXRCalfefLZcIXm6BiAzsbNNim1WOYbZvMqJyT5R Q/cA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=H3nxSl/pIKNbOubsOnOZZrmNhMwLUDHJV9213gjXrvI=; b=klAApW6EHOi4vRyifCifC2hfn+hP+VKPOIXkxjyG2USng6bvkzS0WfyQSfdKVWIHed rJufY4L78J8r19caNxHzQAILvOi/DnSWCSaA/171gYTnJQ6KBudbeiF8HX50OIpk7RmK yL8wVk1fXIEsO9HNVCztRCIMRkBKVmAoDYo1LsRrEF48S9F+vtkFvGi6jqqAmRcYoDRK +uqmkR+Qwh2yjbjhkc6ZDeXHH70w/uTFAM2jH4QjwQc2z4DKWSwLwoNYNljOUlGO0hrb bRm6c9S+toqcws4J9GXl1CWcKGmsBueIDYJgavEu7pnw0hHsp7PI3/bJ95FWR283gZBs nUEg==
X-Gm-Message-State: APjAAAWXO5SL0becmW3Xtm+LXoiQ7z3UEYpUnzg150VbtkmN3scEFlmt 8HAsz3Tw/H2w+fnxqCokadRwz2RrclaXhlUw0RspqkXV
X-Google-Smtp-Source: APXvYqxtf4OF9/tkmxBkagQGeBk6fyxQHN4+/p/6U+qdY2MQB+pPX6UyaZ40yC7u8niYNShOVxO8s/lvD5cmw8T4BD8=
X-Received: by 2002:a2e:9e4c:: with SMTP id g12mr3791878ljk.15.1579216897144; Thu, 16 Jan 2020 15:21:37 -0800 (PST)
MIME-Version: 1.0
References: <CAD9ie-sGfRGPFa4jBUeoVcG+CO=PvG-Ys-HrUMs7kVdt1zT3vA@mail.gmail.com> <FE8064D0-02CF-4BF1-AF25-0E52D9362D27@mit.edu> <CAD9ie-tAquhg=o1_cmKg_rO3mn9FeqCTDtY07XMqMOdhRWrD5Q@mail.gmail.com> <B758A8F2-211F-4637-84AE-3FD6974C546F@amazon.com> <CAD9ie-u5aV+FShiseuNRu_Ayp3EJjrN=zM1XBJW+vc9wDdL3NQ@mail.gmail.com> <A6D90193-D3FC-4BDB-8F4C-55A30ED252EE@amazon.com> <B88684FE-9ECE-4326-8DA2-F6A14E0D6ED0@mit.edu> <CAD9ie-tgXONsgr1cW=5X12Wdi+=iGZrnDtCfMzy-Vf-maezFHg@mail.gmail.com> <857A822F-E819-443E-8D92-5A5BD682D3AF@mit.edu> <40DEDA03-58E1-46EE-A46E-15D448283762@hardjono.net> <5F952C70-8EE2-440A-9334-5FBC19CE2A5E@mit.edu> <D3801C15-1089-4383-AAD9-10C867170181@hardjono.net> <301ADD9B-CCC9-447D-B652-EB377961FBD6@mit.edu> <3119F975-5ED2-4E5E-B6D4-997871FF6EF6@hardjono.net>
In-Reply-To: <3119F975-5ED2-4E5E-B6D4-997871FF6EF6@hardjono.net>
From: Dick Hardt <dick.hardt@gmail.com>
Date: Thu, 16 Jan 2020 15:21:25 -0800
Message-ID: <CAD9ie-uVjbqPKCRYKH-E3c8ftcZ19k=4LLJPh9Yh9AyTtO3gWQ@mail.gmail.com>
To: Thomas Hardjono <ietf-txauth@hardjono.net>
Cc: Justin Richer <jricher@mit.edu>, Thomas Hardjono <hardjono@mit.edu>, "txauth@ietf.org" <txauth@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000002d7ebc059c4a16de"
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/G8cVnkzXuBTchRbU5tSzQVvg3M4>
Subject: Re: [Txauth] alternative charter writeup
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Jan 2020 23:21:46 -0000

What I have understood we are enabling is a separation between the user
using the client software, and the user that is the resource owner.

Justin: is that what you had in mind?
ᐧ

On Thu, Jan 16, 2020 at 3:17 PM Thomas Hardjono <ietf-txauth@hardjono.net>
wrote:

> Yes, I see that sentence ("This protocol will allow an authorizing party
> to delegate access to client software through an authorization server").
> That's very specific, which is good.
>
> Just wanted to be sure that the bullet further below ("Delegation between
> multiple users") also makes sense given that the first sentence is talking
> about delegation to a piece of software.
>
> It’s a big jump between (i) a person delegating to a piece of software, to
> (ii) a person delegating to another person.
>
> Sorry for being pedantic.
>
>
>
> -- thomas --
>
>
>
> -----Original Message-----
> From: Justin Richer <jricher@mit.edu>
> Date: Thursday, January 16, 2020 at 5:50 PM
> To: Thomas Hardjono <ietf-txauth@hardjono.net>
> Cc: "hardjono@mit.edu" <hardjono@mit.edu>, "txauth@ietf.org" <
> txauth@ietf.org>
> Subject: Re: [Txauth] alternative charter writeup
>
> I get that, but that’s why the proposed charter text tries to be very
> explicit about who is delegating to whom (or what) and for what purpose.
> That’s why delegation to software and delegation between users are both
> listed separately.
>
>  — Justin
>
> > On Jan 16, 2020, at 4:07 PM, Thomas Hardjono <ietf-txauth@hardjono.net>
> wrote:
> >
> > The problem is that the word "delegation" is generally a very loaded
> term.
> >
> > I understand that WGs need wiggle room, but I'm concerned that this kind
> of loose wording may cause confusion down the road.
> >
> >
> >
> >>> What I think is very much out of scope is cross-domain policy
> processing.
> >
> > Agree.
> >
> >
> >
> > -----Original Message-----
> > From: Txauth <txauth-bounces@ietf.org> on behalf of Justin Richer <
> jricher@mit.edu>
> > Date: Thursday, January 16, 2020 at 11:54 AM
> > To: Thomas Hardjono <ietf-txauth@hardjono.net>
> > Cc: "hardjono@mit.edu" <hardjono@mit.edu>, "txauth@ietf.org" <
> txauth@ietf.org>
> > Subject: Re: [Txauth] alternative charter writeup
> >
> > On Jan 16, 2020, at 11:43 AM, Thomas Hardjono <ietf-txauth@hardjono.net>
> wrote:
> >>
> >>
> >> Looks good, but I have a clarification question:
> >>
> >>>>> - Delegation between multiple users
> >>
> >> What does this mean exactly?
> >>
> >> Is it the "multi-hop" delegation (Alice to Bob to Charlize to ...)
> >>
> >> Or does it only the "1-hop" delegation concurrently (Alice to Bob;
> Alice to Charlize; Alice to…)
> >
> > My thinking was that at the very least we want to allow the person
> running the client software and the person doing the authorization to be
> different people. This is the UMA use case (Alice to bob) and the CIBA use
> case (agent getting someone to log in). I think chaining can follow that,
> where Bob can then let Charlie do something. This is also along the lines
> of the token exchange model of OAuth 2, with continuously down-scoped
> access.
> >
> > What I think is very much out of scope is cross-domain policy
> processing.
> >
> > — Justin
> >
> >>
> >> -- thomas --
> >>
> >>
> >>
> >> -----Original Message-----
> >> From: Txauth <txauth-bounces@ietf.org> on behalf of Justin Richer <
> jricher@mit.edu>
> >> Date: Thursday, January 16, 2020 at 10:46 AM
> >> To: "txauth@ietf.org" <txauth@ietf.org>
> >> Cc: "rdd@cert.org" <rdd@cert.org>, "Richard Backman, Annabelle" <
> richanna@amazon.com>, Benjamin Kaduk <kaduk@mit.edu>, Dick Hardt <
> dick.hardt@gmail.com>
> >> Subject: Re: [Txauth] alternative charter writeup
> >>
> >> Here’s my updated text incorporating the feedback so far:
> >>
> >>
> >> This group is chartered to develop a delegation protocol for identity,
> authorization, and API access. This protocol will allow an authorizing
> party to delegate access to client software through an authorization
> server. The use cases supported by this protocol will include widely
> deployed use cases currently supported by OAuth 2.0 and OpenID Connect (an
> extension of OAuth 2.0) as well as new use cases not enabled by OAuth 2.0.
> >>
> >>
> >> The delegation process will be acted upon by multiple parties in the
> protocol, each performing a specific role. The protocol will decouple the
> interaction channels, such as the end user’s browser, from the delegation
> channel, which happens directly between the client and the authorization
> server (in contrast with OAuth 2 which is initiated by the client
> redirecting the user’s browser). The client will involve the authorizing
> party as necessary through interaction mechanisms indicated by the
> protocol. This decoupling avoids many of the security concerns and
> technical challenges of OAuth 2.0 as well as providing a non-invasive path
> for supporting future types of clients and interaction channels.
> >>
> >>
> >> Additionally, the delegation process will allow for:
> >>
> >>
> >> - Fine-grained specification of resource access
> >>
> >> - Approval of identity claims and multiple resources in a single
> interaction
> >>
> >> - Delegation between multiple users
> >>
> >> - Web, mobile, single-page, interaction-constrained, and other types of
> client applications
> >>
> >>
> >> The group will define extension points for this protocol to allow for
> flexibility in areas including:
> >>
> >>
> >> - Cryptographic agility for keys, message signatures, and proof of
> possession
> >>
> >> - User interaction mechanisms including web and non-web methods
> >>
> >> - Mechanisms for providing user, software, organization, and other
> pieces of information used in authorization decisions
> >>
> >> - Token presentation mechanisms and key bindings
> >>
> >>
> >> Additionally, the group will provide mechanisms for management of the
> protocol lifecycle including:
> >>
> >>
> >> - Discovery of the authorization server
> >>
> >> - Revocation of active tokens
> >>
> >> - Query of token rights by resource servers
> >>
> >>
> >> Although the artifacts for this work are not intended or expected to be
> backwards-compatible with OAuth 2.0 or OpenID Connect, the group will
> attempt to simplify porting from OAuth 2.0 and OpenID Connect to the new
> protocol where possible.
> >>
> >>
> >> While the initial work will focus on using HTTP for communication
> between the client and the authorization server, the working group will
> seek to take advantage of optimization features of HTTP2 and HTTP3 where
> possible, and will strive to enable simple mapping to other protocols such
> as COAP.
> >>
> >>
> >>
> >>
> >>
> >> It’s definitely a lot, but I think we’ve got a good handle on what
> we’re working on, and what the boundaries are. I think this is both too
> much of an effort and too much of a break to do this in the OAuth WG, where
> there’s already still plenty of work to be done. We’re leaning a lot on
> lessons learned from the OAuth 2 world and its extensions, including OIDC
> and UMA2. We’ve got the attention of a lot of the right people to start
> this as well.
> >>
> >> So to the AD’s: Ben and Roman — what’s the next step? This should be a
> new working group and like to get it started so that we can have our first
> meeting in Vancouver.
> >>
> >> — Justin
> >>
> >>
> >> On Jan 14, 2020, at 12:12 AM, Dick Hardt <dick.hardt@gmail.com> wrote:
> >>
> >> Sounds good to me.
> >>
> >> On Mon, Jan 13, 2020 at 6:24 PM Justin Richer <jricher@mit.edu> wrote:
> >>
> >>
> >> I can get behind this kind of addition. I like Annabelle’s framing of
> it in terms of decoupling, and some explanation of why we’re doing it in
> relation to OAuth 2’s approach. One of the key things, to me, is that we’re
> making a break from OAuth 2’s core architecture but doing so for very
> specific reasons.
> >>
> >> — Justin
> >>
> >>
> >> On Jan 13, 2020, at 8:54 PM, Richard Backman, Annabelle <
> richanna@amazon.com> wrote:
> >>
> >> It’s not just about the initial communication, though. I the key thing
> to emphasize is the decoupling the protocol from delegation channels, which
> addresses the aforementioned security/complexity issues and also provides a
> path to support future delegation channel types without significant changes
> to the protocol (unlike OAuth 2.0, where extensions like Device Flow and
> PAR introduce substantial changes to the core protocol flow on both client
> and AS). Since the protocol isn’t assuming a particular front channel, it’s
> easier to add support for a new one.
> >>
> >> Proposal, altered from Dick’s suggestion:
> >> This group is chartered to develop a delegated identity and
> authorization protocol. The use cases supported by this protocol will
> include widely deployed use cases currently supported by OAuth 2.0, and
> OpenID Connect, an extension of OAuth 2.0. This protocol will be decoupled
> from delegation channels such as an end user’s web browser and operate
> primarily through a channel between the client and the authorization
> server, avoiding many of the security concerns and technical challenges of
> OAuth 2.0 and providing a non-invasive path for adding support for future
> types of clients and delegation channels.
> >>
> >> –
> >> Annabelle Richard Backman
> >> AWS Identity
> >>
> >>
> >>
> >> From: Dick Hardt <dick.hardt@gmail.com>
> >> Date: Monday, January 13, 2020 at 4:35 PM
> >> To: "Richard Backman, Annabelle" <richanna@amazon.com>
> >> Cc: Justin Richer <jricher@mit.edu>, "txauth@ietf.org" <txauth@ietf.org
> >
> >> Subject: Re: [Txauth] alternative charter writeup
> >>
> >>
> >>
> >> I agree, some more "why" would help a broader audience understand the
> motivations. How about this change to the first paragraph?
> >>
> >>
> >>
> >> This group is chartered to develop a delegated identity and
> authorization protocol. The use cases supported by this protocol will
> include widely deployed use cases currently supported by OAuth 2.0, and
> OpenID Connect, an extension of OAuth 2.0. In contrast to OAuth 2.0, where
> the protocol is initiated by redirecting the user's browser to an
> authorization server, this protocol will be initiated by the client
> directly interacting with the authorization server, which will mitigate
> many of the security concerns and technical challenges of OAuth 2.0.
> >>
> >>
> >>
> >>
> >>
> >> On Mon, Jan 13, 2020 at 3:38 PM Richard Backman, Annabelle <
> richanna@amazon.com> wrote:
> >>
> >>
> >> While I agree with the goals stated in this charter, if I read this
> from the perspective of someone who hasn’t been our meetings or listened to
> Justin’s presentations, I’m hard pressed to see what the point of this
> group is, relative to the OAuth WG. I’d expect this charter to provide at
> least a cursory explanation of what problem it is trying to solve. In this
> case, the problem should be partially defined in relation to OAuth. What
> will this WG do that the OAuth WG hasn’t already done or isn’t already
> doing?
> >>
> >> How about adding something like the following to paragraph 2:
> >>
> >> The protocol will mitigate many of the security concerns and technical
> challenges of OAuth 2.0 by communicating over secure channels between the
> client and the authorization server, and minimizing the amount of
> information transmitted over untrusted channels.
> >>
> >> –
> >> Annabelle Richard Backman
> >> AWS Identity
> >>
> >>
> >>
> >> From: Txauth <txauth-bounces@ietf.org> on behalf of Dick Hardt <
> dick.hardt@gmail.com>
> >> Date: Friday, January 10, 2020 at 6:57 PM
> >> To: Justin Richer <jricher@mit.edu>
> >> Cc: "txauth@ietf.org" <txauth@ietf.org>
> >> Subject: Re: [Txauth] alternative charter writeup
> >>
> >>
> >>
> >> This looks even better! Thanks Justin.
> >>
> >>
> >> What do others think of the proposed charter now?
> >>
> >>
> >> ᐧ
> >>
> >>
> >> On Fri, Jan 10, 2020 at 12:43 PM Justin Richer <jricher@mit.edu> wrote:
> >>
> >>
> >> Thanks, Dick. I’ve been working on an updated charter based on
> everyone’s feedback, and I was aiming to have out today anyway, so this
> timing is helpful. So here’s my take on a new charter, incorporating some
> of your points below:
> >>
> >>
> >>
> >> This group is chartered to develop a delegation protocol for identity,
> authorization, and API access. This protocol will allow an authorizing
> party to delegate access to client software through an authorization
> server. The use cases supported by this protocol will include widely
> deployed use cases currently supported by OAuth 2.0 and OpenID Connect.
> >>
> >>
> >>
> >> The delegation process will be acted upon by multiple parties in the
> protocol, each performing a specific role. The protocol will be initiated
> by the client interacting directly with the authorization server (in
> contrast with OAuth 2 which is initiated by the client redirecting the
> user’s browser). The client will involve the authorizing party as necessary
> through interaction mechanisms indicated by the protocol.
> >>
> >>
> >>
> >> Additionally, the delegation process will allow for:
> >>
> >>
> >>
> >> - Fine-grained specification of resource access
> >>
> >> - Approval of identity claims and multiple resources in a single
> interaction
> >>
> >> - Delegation between multiple users
> >>
> >> - Web, mobile, single-page, and other types of client applications
> >>
> >>
> >>
> >> The group will define extension points for this protocol to allow for
> flexibility in areas including:
> >>
> >>
> >>
> >> - Cryptographic agility for keys, message signatures, and proof of
> possession
> >>
> >> - User interaction mechanisms including web and non-web methods
> >>
> >> - Mechanisms for providing user, software, organization, and other
> pieces of information used in authorization decisions
> >>
> >> - Token presentation mechanisms and key bindings
> >>
> >>
> >>
> >> Additionally, the group will provide mechanisms for management of the
> protocol lifecycle including:
> >>
> >>
> >>
> >> - Discovery of the authorization server
> >>
> >> - Revocation of active tokens
> >>
> >> - Query of token rights by resource servers
> >>
> >>
> >>
> >> Although the artifacts for this work are not intended or expected to be
> backwards-compatible with OAuth 2.0 or OpenID Connect, the group will
> attempt to simplify porting from OAuth 2.0 and OpenID Connect to the new
> protocol where possible.
> >>
> >> While the initial work will focus on using HTTP for communication
> between the client and the authorization server, the working group will
> seek to take advantage of optimization features of HTTP2 and HTTP3, and
> will strive to enable simple mapping to other protocols such as COAP.
> >>
> >>
> >>
> >>
> >>
> >> On Jan 10, 2020, at 12:04 PM, Dick Hardt <dick.hardt@gmail.com> wrote:
> >>
> >>
> >> Hey
> >>
> >>
> >> I've written an alternative charter that I hope captures some of the
> feedback on Justin's charter.
> >>
> >>
> >>
> >> I found it easier to rewrite the charter to broaden the marketplace of
> ideas.
> >>
> >>
> >>
> >> Key ideas:
> >>
> >>
> >>
> >> - This work supports existing OAuth 2.0, and OpenID Connect use cases.
> >>
> >>
> >>
> >> - The client interacts directly with the authorization server.
> >>
> >>
> >>
> >> /Dick
> >>
> >>
> >>
> >> ----
> >>
> >>
> >> This group is chartered to develop a delegated identity and
> authorization protocol.. The use cases supported by this protocol will
> include widely deployed use cases currently supported by OAuth 2.0, and
> OpenID Connect. In contrast to OAuth 2.0 and OpenID Connect, where the
> protocol is initiated by redirecting the user's browser to an authorization
> server, this protocol will be initiated by the client directly interacting
> with the authorization server..
> >>
> >>
> >> Additionally, the protocol will allow:
> >>
> >> - fine-grained specification of resource access
> >>
> >> - the user to approve requests for identity claims and access to
> multiple resources in one interaction
> >>
> >> - web, mobile, single-page, and other client applications
> >>
> >> - taking advantage of optimization features in HTTP2 and HTTP3
> >>
> >>
> >> The group will define extension points for this protocol to allow for
> flexibility in areas including:
> >>
> >>
> >> - discovery of the authorization server
> >>
> >> - cryptographic agility for keys, message signatures, and proof of
> possession
> >>
> >> - user interaction mechanisms including web and non-web methods- token
> presentation mechanisms and key bindings
> >>
> >>
> >> Although the artifacts for this work are not intended or expected to be
> backwards-compatible with OAuth 2.0 or OpenID Connect, they will attempt to
> simplify porting from OAuth 2.0 and OpenID Connect, and strive to reuse
> existing semantics such as client identifiers, OAuth 2.0 scopes and access
> tokens, and OpenID Connect ID Tokens and claims.
> >>
> >>
> >> While the initial work will focus on using HTTP for communication
> between the client and the authorization server, the working group will
> strive to enable simple mapping to other protocols such as COAP.
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> ᐧ
> >>
> >> --
> >> Txauth mailing list
> >> Txauth@ietf.org
> >> https://www.ietf.org/mailman/listinfo/txauth
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> --
> >> Txauth mailing list
> >> Txauth@ietf.org
> >> https://www.ietf.org/mailman/listinfo/txauth
> >>
> >>
> >> --
> >> Txauth mailing list
> >> Txauth@ietf.org
> >> https://www.ietf.org/mailman/listinfo/txauth
> >
> > --
> > Txauth mailing list
> > Txauth@ietf.org
> > https://www.ietf.org/mailman/listinfo/txauth
> >
> >
>
>
>
> --
> Txauth mailing list
> Txauth@ietf.org
> https://www.ietf.org/mailman/listinfo/txauth
>

v2.23.0 | Report a Bug | By Email