Hi Justas, thanks for sending your feedback to the list.
There is indeed currently no editor for the document. That is, however, not the problem. The problem, as discussed on the list and also at the last IETF meeting, is that we do not yet know what type of security properties we want. The MAC draft may or may not provide the type of protection we want. For that reason we first have to figure out what problem we want to solve before we jump into the details of fixing some minor errors. Ciao Hannes On Aug 8, 2012, at 6:08 PM, Justin Richer wrote: > Thanks Justas. The MAC document is currently without an editor within the WG, > so this is the best place to record the error. > > A wider note to the WG: I wouldn't mind taking over editorship of the MAC > token document so long as I could get a co-editor with enough cryptographic > expertise to make sure all the magical crypto bits work like they should. > I've sent an email to the chairs saying as much, as well. > > -- Justin > > On 08/05/2012 06:30 AM, Justas Janauskas wrote: >> Hello, >> >> Sorry if this is not the right group to send this message; I am new here. >> >> I believe there is mistake in calculated request MAC presented in >> "draft-ietf-oauth-v2-http-mac-01" example, section 1.1. >> >> I made a small program to test correctness of an example and it shows >> that it is incorrectly calculated in the document: >> https://gist.github.com/3263677 >> >> I have also implemented an example from previous draft 00, section 1.2 >> which shows that request MAC is calculated correctly there: >> https://gist.github.com/3263765 >> >> Thank you, >> Justas Janauskas >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
