Here is the correct IETF notes link:
https://notes.ietf.org/notes-ietf-interim-2021-oauth-12-oauth
On Wed, Oct 13, 2021 at 4:23 PM Rifaat Shekh-Yusef
wrote:
> All,
>
> Thanks to *Hannes* and *Dick* for taking the minutes for this meeting.
> The following links have the minutes, attendees, and
All,
Thanks to *Hannes* and *Dick* for taking the minutes for this meeting.
The following links have the minutes, attendees, and recording of the
meeting:
https://datatracker.ietf.org/meeting/interim-2021-oauth-12/materials/minutes-interim-2021-oauth-12-202110131200-00
Am 12.04.21 um 16:56 schrieb Denis:
> Hi Daniel,
>
>> (...)
As I'm sure you have noticed, we have updated Section 3 following
your last input. It now explicitly says:
Attackers can collaborate to reach a common goal.
It also says
Note that in
Hi Steinar,
Please read first the response just posted to Daniel.
Hi Denis, I don't understand the attack or the countermeasures you are
describing completely - but that doesn't really matter.
Since it does not matter, let us continue. :-)
As far as I know OAuth doesn't require a specific
Hi Daniel,
(...)
As I'm sure you have noticed, we have updated Section 3 following
your last input. It now explicitly says:
Attackers can collaborate to reach a common goal.
It also says
Note that in this attacker model, an attacker (see A1) can be a RO or
act as one. For
Hi Denis,
Am 12.04.21 um 14:57 schrieb Denis:
>>
>>> The first sentence of section 3 (The Updated OAuth 2.0 Attacker
>>> Model) clearly states:
>>>
>>> " In the following, this attacker model is updated (...) to
>>> include new types of attackers and to define the attacker model more
>>>
Hi Denis, I don't understand the attack or the countermeasures you are
describing completely - but that doesn't really matter.
As far as I know OAuth doesn't require a specific token format, so the
countermeasure you describe is based on an assumption that the AT is a JWT.
If that's the case,
Hi Daniel,
Denis,
I was awaiting your mail and I admire your perseverence with bringing
this topic to our attention.
[Denis] I admire your perseverence with constantly refusing to include
this attack. :-)
To your points:
Am 12.04.21 um 13:36 schrieb Denis:
The case where two clients
Denis,
I was awaiting your mail and I admire your perseverence with bringing
this topic to our attention.
To your points:
Am 12.04.21 um 13:36 schrieb Denis:
> The case where two clients collude to mount an attack against a RS is
> not addressed. It now needs to be addressed.
>
>
> This should
To all,
In RFC 6819 OAuth 2.0 Security), it is assumed in section 2.2 (Attack
Assumptions)that :
* two of the three parties involved in the OAuth protocol may collude
to mount an attack against the 3rd party.
For example, the client and authorization server may be under
control of
All,
The coming OAuth WG Interim meeting is this coming* Monday, April 12th, at
12:00 pm EDT.*
The meeting will be focused on the *Security BCP *document:
https://datatracker.ietf.org/doc/draft-ietf-oauth-security-topics/
The following link has links to the slide and draft and will be used to
All,
The coming OAuth WG Interim meeting is this coming* Monday, April 5th, at
12:00 pm EDT.*
The meeting will be focused on the RAR document:
https://datatracker.ietf.org/doc/draft-ietf-oauth-rar/
The following link has links to the slide and draft and will be used to
capture the notes and
All,
The coming OAuth WG Interim meeting is this coming* Monday, March 29, at
12:00 pm EDT.*
The meeting will cover two topics:
- *Client Intermediary Metadata*
https://datatracker.ietf.org/doc/draft-parecki-oauth-client-intermediary-metadata/
- *Multi-Subject JWT*
All,
The following is the OAuth 2.1 Interim meeting minutes:
https://codimd.ietf.org/s/notes-ietf-interim-2021-oauth-02-oauth
https://datatracker.ietf.org/meeting/interim-2021-oauth-02/materials/minutes-interim-2021-oauth-02-202103221200-00
Thanks to *Dan Moore *for taking these notes.
Regards,
All,
The coming OAuth WG Interim meeting to discuss *OAuth2.1* is this coming*
Monday, March 22nd, at 12:00 pm EDT.*
The following link has links to the slides and the draft and will be used
to capture the notes and attendees:
https://codimd.ietf.org/notes-ietf-interim-2021-oauth-02-oauth
*Webex
Meeting Minutes, OAuth Interim Meeting, 23rd May 2011
=
Scribe: Bill Mills (post-processing by Hannes Tschofenig)
Participants:
** in person **
- Hannes Tschofenig
- Jonas Hogberg
- Bill Mills
- Marius Scurtescu
- Andrew Wansley
- Breno
Thanks for posting this Hannes
-Doug Tangren
http://lessis.me
On Fri, Jun 3, 2011 at 8:45 AM, Hannes Tschofenig hannes.tschofe...@gmx.net
wrote:
Bill Mills (post-processi
___
OAuth mailing list
OAuth@ietf.org
Hey all,
a number of you had signed up already for the interim meeting either at the
OAuth Wiki or at the Eventbrite page:
http://oauth-interim.eventbrite.com/
http://trac.tools.ietf.org/wg/oauth/trac/wiki/InterimMeetingAttendance
If you have not added your name to either one of these two
2 questions?
1. Would there be a conference line one could dial into remotely? (I'm in
New York City)
2. Is this open to implementors of the spec in addition to it's authors?
(I'm currently implementing draft 15 as developer @ meetup.com)
-Doug Tangren
http://lessis.me
Yes and yes. Just please add (remote) to your name on the wiki page.
On Wed, May 11, 2011 at 8:38 AM, Doug Tangren d.tang...@gmail.com wrote:
2 questions?
1. Would there be a conference line one could dial into remotely? (I'm in
New York City)
2. Is this open to implementors of the spec in
: Re: [OAUTH-WG] OAuth Interim Meeting
2 questions?
1. Would there be a conference line one could dial into remotely? (I'm in New
York City)
2. Is this open to implementors of the spec in addition to it's authors? (I'm
currently implementing draft 15 as developer @ meetup.comhttp://meetup.com
Doug says...
2. Is this open to implementors of the spec in addition to it's authors?
(I'm currently implementing draft 15 as developer @ meetup.com)
Eran says...
This is an official interim working group meeting which goes by all the
normal IETF rules of such meetings and is open for all.
Thanks guys. Added my name to the list.
-Doug Tangren
http://lessis.me
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
-
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
Of David Recordon
Sent: Friday, April 22, 2011 2:26 PM
To: Melinda Shore
Cc: Barry Leiba; OAuth WG
Subject: Re: [OAUTH-WG] OAuth Interim Meeting
I can setup audio and video conferencing if it's at Facebook.
On Fri
Have the plans for the interim meeting been nailed down - including a rough
agenda ?
(I heard discussion on closing the open issues...anything else that will be
discussed ?)
Is this still being held at Facebook, 9-6 and were the web conference/dial
in numbers arranged ?
On Tue, May 10, 2011 at 3:00 AM, David Recordon record...@gmail.com wrote:
Haven't seen any followup here but am running into people telling me that
they're coming to Facebook. I'm still happy to host, just unclear since I
haven't
heard anything.
Yes, so sorry about that.
The chairs would be
On Tue, May 10, 2011 at 11:17 PM, Barry Leiba barryle...@computer.org wrote:
If you post the venue details to this thread, when you have them, I'll
update the wiki:
http://trac.tools.ietf.org/wg/oauth/trac/wiki/InterimMeeting
Sure, it's 1050 Page Mill Road in Palo Alto and then head to the
If you post the venue details to this thread, when you have them, I'll
update the wiki:
http://trac.tools.ietf.org/wg/oauth/trac/wiki/InterimMeeting
Sure, it's 1050 Page Mill Road in Palo Alto and then head to the lobby
of building 1.
I have updated the wiki.
Barry
Sure, it's 1050 Page Mill Road in Palo Alto and then head to the lobby
of building 1.
I have updated the wiki.
Hannes has also created an Eventbrite event for people to sign up at:
http://oauth-interim.eventbrite.com/
It's very important, for room planning purposes (and lunch, too) that
Hi all,
we are planning to hold a 1-day interim meeting for the OAuth working group.
Date: 23rd May, 2011 (9am - 6pm)
Location: Mountain View, CA, US
Host: Tbd.
Agenda: Discussion of remaining open issues with the OAuth 2.0 specification,
and other working group items.
Ciao
Hannes Blaine
Happy to host in Palo Alto.
On Fri, Apr 22, 2011 at 8:01 AM, Hannes Tschofenig
hannes.tschofe...@gmx.net wrote:
Hi all,
we are planning to hold a 1-day interim meeting for the OAuth working group.
Date: 23rd May, 2011 (9am - 6pm)
Location: Mountain View, CA, US
Host: Tbd.
Agenda:
To make it easier to keep track of how many attendees we might get,
I've created a wiki page for probable attendees to record their
intent:
http://trac.tools.ietf.org/wg/oauth/trac/wiki/InterimMeetingAttendance
If you intend to attend, please help by going to that page and editing
it, and
Secretary - this is approved, you can send a note to ietf-announce.
In case folks aren't familiar with them the guidelines for interim
meetings are at [1].
I think this is a fine idea. Unfortunately I can't be there due to
another commitment.
Stephen.
[1]
I'm unable to attend in person but I'm hoping that remote participation
will be an option - any hope of that?
Thanks,
Melinda
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
I can setup audio and video conferencing if it's at Facebook.
On Fri, Apr 22, 2011 at 12:13 PM, Melinda Shore melinda.sh...@gmail.com wrote:
I'm unable to attend in person but I'm hoping that remote participation
will be an option - any hope of that?
Thanks,
Melinda
+1 for Facebook.
-Original Message-
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
Of David Recordon
Sent: Friday, April 22, 2011 2:26 PM
To: Melinda Shore
Cc: Barry Leiba; OAuth WG
Subject: Re: [OAUTH-WG] OAuth Interim Meeting
I can setup audio and video
-
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of
Tschofenig, Hannes (NSN - FI/Espoo)
Sent: Tuesday, April 13, 2010 12:09 PM
To: OAuth WG
Subject: [OAUTH-WG] OAuth Interim Meeting
Hi all,
This is an early warning!
As mentioned at the last IETF meeting we are thinking
On 4/14/10 10:58 PM, Eliot Lear l...@cisco.com wrote:
1. Could we have remote participation so that those of us who are unable to
travel can join?
Setting up a jabber room is trivial. An audio channel is harder but we can
try.
2. Can you confirm that OAUTH will meet in Maastricht, and
Hannes,
I haven't seen a tremendous amount of response to this meeting, but it
seems like a good idea, even though I cannot be there in person. I
would ask two things:
1. Could we have remote participation so that those of us who are
unable to travel can join?
2. Can you confirm that
On March 4 2010, the OAuth WG will hold its fourth interim conference
call leading up to IETF 77. Scheduling details and logistics to follow.
Peter
--
Peter Saint-Andre
https://stpeter.im/
smime.p7s
Description: S/MIME Cryptographic Signature
___
40 matches
Mail list logo