If you are busy, please click here and subscribe: https://www.ietf.org/mailman/listinfo/oauth
I would like to remind people about the standardization effort we are trying to kick-start in the IETF. In Nov we had a very successful BoF session at the 73rd IETF meeting. OAuth received a very warm and welcoming reception from members of the IETF community, and there was wide consensus that addressing the problem of delegated authorization is important and that OAuth represent the best and most promising solution. The main focus of the IETF work is to tighten up the specification (clarify language, reduce interoperability issues, add missing elements such as error codes) and enhance its security to meet current IETF security standards. Overall, this is all stuff we have been talking about on this list for the past year. The reason for bringing this work to the IETF (over continuing it here) is to increase the audience and reach of the protocol. While many web companies are happy adopting an open community specification, other more conservative companies (such as banks and government agencies) tend to wait for an official standard from a recognized body to adopt. I personally believe that support for OAuth in financial services is vital and this seems like the more promising path to achieve this goal. Now that we are all back from holidays and time off, we should resume our effort on this. If you have not done so already, please go to: https://www.ietf.org/mailman/listinfo/oauth And subscribe to the list. At this point it is very low in traffic and you can unsubscribe at any time. But it will guarantee you don't miss out on the important upcoming step: creating a working group charter. The goal of the charter is to define the scope of the work being done, and how it is worded can help later on in keeping the group focused. The key question right now with regard to the charter is how it should address changing the current OAuth Core 1.0 specification. How much should the working group be allowed to break the spec in order to accommodate the security and features the newer version needs to include. Sam Hartman started this discussion <http://www.ietf.org/mail-archive/ web/oauth/current/msg00005.html> and it is very much still open and far from conclusion. If you have an interest or a stake in how OAuth might evolve, it is crucial that you spend a few minutes (today!) subscribing to the list and catching up on the thread there (it is short). EHL --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to oauth@googlegroups.com To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
