[Unbearable] [TokenBinding/Internet-Drafts] 633587: Adding fed sign-on considerations to Security Cons...

balfanz <dirk@balfanz.net> Tue, 14 November 2017 18:25 UTC

Return-Path: <bounce+3a3868.40f-unbearable=ietf.org@github.com>
X-Original-To: unbearable@ietfa.amsl.com
Delivered-To: unbearable@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4DA1E12940A for <unbearable@ietfa.amsl.com>; Tue, 14 Nov 2017 10:25:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TAOwjG7g8pdP for <unbearable@ietfa.amsl.com>; Tue, 14 Nov 2017 10:25:21 -0800 (PST)
Received: from m69-169.mailgun.net (m69-169.mailgun.net [166.78.69.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7996A128B38 for <unbearable@ietf.org>; Tue, 14 Nov 2017 10:25:21 -0800 (PST)
DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed; d=github.com; q=dns/txt; s=mailo; t=1510683920; h=Content-Transfer-Encoding: Content-Type: Mime-Version: Subject: Message-ID: To: Reply-To: From: Date: Sender; bh=Ed5MgGWPaNCevjOCflKTtIpOqoddNt4fJlrGVIF+RG4=; b=dIiltkupq1XHfz+ZYgoZ/I2PUkgGmSC5Wb2GzkJBZsOh3Q9H1G/1LA1PKpKt7Kfrp1t0iOLJ WcUwvQQbkTrX+X1j5FgZ8Q7JFvnSpNKyQ7cj7KROowiNktgGovECSS8cQgqhwR+mfVntJbH4 /+Kv5QSk1p7WAJWSShpbpshiYgk=
Sender: dirk=balfanz.net@github.com
X-Mailgun-Sending-Ip: 166.78.69.169
X-Mailgun-Sid: WyIzMTNlNyIsICJ1bmJlYXJhYmxlQGlldGYub3JnIiwgIjQwZiJd
Received: from github.com (Unknown [192.30.252.35]) by mxa.mailgun.org with ESMTP id 5a0b350e.7fe368080720-smtp-out-n02; Tue, 14 Nov 2017 18:25:18 -0000 (UTC)
Date: Tue, 14 Nov 2017 10:25:17 -0800
From: balfanz <dirk@balfanz.net>
Reply-To: balfanz <dirk@balfanz.net>
To: unbearable@ietf.org
Message-ID: <5a0b350d88203_6743f7dff0dfc34686aa@hookshot-fe-92cdb05.cp1-iad.github.net.mail>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="--==_mimepart_5a0b350d87ef4_6743f7dff0dfc34685e0"; charset=UTF-8
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/ZwDpAyGjsDsu4-Izhw0wdjs2q_I>
X-Mailman-Approved-At: Tue, 14 Nov 2017 17:43:36 -0800
Subject: [Unbearable] [TokenBinding/Internet-Drafts] 633587: Adding fed sign-on considerations to Security Cons...
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>, <mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>, <mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Nov 2017 18:25:23 -0000

  Branch: refs/heads/master
  Home:   https://github.com/TokenBinding/Internet-Drafts
  Commit: 6335877da2a0d39be8b5f17f62911ba2acdac7f2
      https://github.com/TokenBinding/Internet-Drafts/commit/6335877da2a0d39be8b5f17f62911ba2acdac7f2
  Author: balfanz <dirk@balfanz.net>
  Date:   2017-11-14 (Tue, 14 Nov 2017)

  Changed paths:
    M draft-ietf-tokbind-https-10.xml

  Log Message:
  -----------
  Adding fed sign-on considerations to Security Considerations sections.


  Commit: d97f889cd1c94faa59533f23600c4d3005b56325
      https://github.com/TokenBinding/Internet-Drafts/commit/d97f889cd1c94faa59533f23600c4d3005b56325
  Author: balfanz <dirk@balfanz.net>
  Date:   2017-11-14 (Tue, 14 Nov 2017)

  Changed paths:
    R draft-ietf-tokbind-https-10.xml
    A draft-ietf-tokbind-https-11.xml

  Log Message:
  -----------
  creating v11 of draft-ietf-tokbind-https


Compare: https://github.com/TokenBinding/Internet-Drafts/compare/7b18d47daf8f...d97f889cd1c9