I think there is a need for a signed token style OAuth 2 scheme, and MAC fills
this niche, although holder-of-key (as yet un-drafted) would also do this
nicely. Is MAC going to get picked up and driven to completion?
Do others feel this token style (and security properties) are needed? Or am I
alone in this?
-bill
>________________________________
> From: Eran Hammer <e...@hueniverse.com>
>To: "oauth@ietf.org WG (oauth@ietf.org)" <oauth@ietf.org>
>Sent: Tuesday, May 15, 2012 6:41 PM
>Subject: [OAUTH-WG] MAC Token draft
>
>
>
>I am stepping down from my role as editor of the MAC token specification. I do
>not intend to participate in this work moving forward. I will forward my notes
>to the next editor if requested.
>
>EH
>_______________________________________________
>OAuth mailing list
>OAuth@ietf.org
>https://www.ietf.org/mailman/listinfo/oauth
>
>
>
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth