Ahh, as John knows this is a big pet peeve for me :)
Although that's all true on mobile, on desktop things are more complicated.
- Using a system browser on the desktop (Linux/Mac/Windows) means that
you don't control the experience (there might be modal dialogs occluding
the browser or
On Windows Web Authentication broker is a option.
https://docs.microsoft.com/en-us/uwp/api/Windows.Security.Authentication.Web
I have encouraged Apple to provide a SSO service on OSX.
The availability of WebAuthn in browsers may make the platforms rethink
some things.
John B.
On Mon, Feb 25,
True, the WAB is perhaps the best approximation of a desktop system
browser-like feature, but it doesn't solve Mac or Linux. Even within the
Windows world, Win10 usage pulled ahead of Win7 only in January, and
barely- and the WAB isn't available on Win7.
In fact, you bring up an excellent point. I
A good example of a desktop application using browser authentication is
Github for Desktop.
They use custom URLs/callbacks for both OSX and Windows. Works very well.
———
Dominick
On 25. February 2019 at 11:48:20, Vittorio Bertocci (
vittorio=40auth0@dmarc.ietf.org) wrote:
Ahh, as John knows
I wish I could edit emails. Fixing some meaning changing typos.
True, the WAB is perhaps the best approximation of a desktop system
browser-like feature, but it doesn't solve Mac or Linux. Even within the
Windows world, Win10 usage pulled ahead of Win7 only in January, and
barely- and the WAB isn'
The callbacks do avoid the loopback, which is great, but the usability
remains harder than mobile and the embedded case: the auth tab appears
among others, the modal windows remain a possibility, etc - the level of
sophistication of the target audience of the github app can definitely
(hopefully?)
Win 10 2019H1 has a WebAuthn API for third party apps. Chrome and Fire
Fox are now using it.
Trusted browsers have some whitelisting involved. Other apps will be able
to use the API eventually. There are some issues around the RPID for apps
and websites that may make the authentication broker
Authors,
Since the draft was updated recently, we would like to get a new statement
from you around any IPR related to this specification.
Are you aware of any IPR related to the following Resource Indicators
document?
https://tools.ietf.org/html/draft-ietf-oauth-resource-indicators-02
Regards,
I am not aware of any IPR related to this document.
On Mon, Feb 25, 2019 at 2:14 PM Rifaat Shekh-Yusef
wrote:
> Authors,
>
> Since the draft was updated recently, we would like to get a new statement
> from you around any IPR related to this specification.
>
> Are you aware of any IPR related to
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol WG of the IETF.
Title : OAuth 2.0 Mutual TLS Client Authentication and
Certificate-Bound Access Tokens
Authors : Brian Ca
Draft -13 of "OAuth 2.0 Mutual TLS Client Authentication and
Certificate-Bound Access Tokens" has been published. The changes are listed
below and are largely aimed at addressing feedback from the AD review.
Although they also include some things that the WG has discussed on this
mailing list and a
> On Feb 25, 2019, at 4:56 AM, Vittorio Bertocci wrote:
>
> The callbacks do avoid the loopback, which is great, but the usability
> remains harder than mobile and the embedded case: the auth tab appears among
> others, the modal windows remain a possibility, etc - the level of
> sophisticat
I am not aware of any IPR related to this document.
From: Rifaat Shekh-Yusef
Sent: Montag, 25. Februar 2019 22:15
To: Brian Campbell
Cc: draft-ietf-oauth-resource-indicat...@ietf.org; oauth
Subject: Re: [OAUTH-WG] Resource Indicators - IPR Disclosure
Authors,
Since the draft was updated recen
13 matches
Mail list logo
