I also think it's worthwhile. OAuth2 doesn't provide a way to do a
signed-http-request in the way that OAuth1 does. I would definitely like
to see this draft make its way to completion, but I don't have the
crypto expertise to pick up editing it myself.
-- Justin
On 05/16/2012 11:51 AM, William Mills wrote:
I think there is a need for a signed token style OAuth 2 scheme, and
MAC fills this niche, although holder-of-key (as yet un-drafted) would
also do this nicely. Is MAC going to get picked up and driven to
completion?
Do others feel this token style (and security properties) are needed?
Or am I alone in this?
-bill
------------------------------------------------------------------------
*From:* Eran Hammer <e...@hueniverse.com>
*To:* "oauth@ietf.org WG (oauth@ietf.org)" <oauth@ietf.org>
*Sent:* Tuesday, May 15, 2012 6:41 PM
*Subject:* [OAUTH-WG] MAC Token draft
I am stepping down from my role as editor of the MAC token
specification. I do not intend to participate in this work moving
forward. I will forward my notes to the next editor if requested.
EH
_______________________________________________
OAuth mailing list
OAuth@ietf.org <mailto:OAuth@ietf.org>
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
