I have promised to put together a summary of the discussion presented in vancouver meeting.
Unfortunately it may take a few weeks as i am away for another week and a half. Phil On 2012-08-08, at 9:24, Hannes Tschofenig <hannes.tschofe...@gmx.net> wrote: > Hi Justas, > > thanks for sending your feedback to the list. > > There is indeed currently no editor for the document. That is, however, not > the problem. > The problem, as discussed on the list and also at the last IETF meeting, is > that we do not yet know what type of security properties we want. The MAC > draft may or may not provide the type of protection we want. > > For that reason we first have to figure out what problem we want to solve > before we jump into the details of fixing some minor errors. > > Ciao > Hannes > > On Aug 8, 2012, at 6:08 PM, Justin Richer wrote: > >> Thanks Justas. The MAC document is currently without an editor within the >> WG, so this is the best place to record the error. >> >> A wider note to the WG: I wouldn't mind taking over editorship of the MAC >> token document so long as I could get a co-editor with enough cryptographic >> expertise to make sure all the magical crypto bits work like they should. >> I've sent an email to the chairs saying as much, as well. >> >> -- Justin >> >> On 08/05/2012 06:30 AM, Justas Janauskas wrote: >>> Hello, >>> >>> Sorry if this is not the right group to send this message; I am new here. >>> >>> I believe there is mistake in calculated request MAC presented in >>> "draft-ietf-oauth-v2-http-mac-01" example, section 1.1. >>> >>> I made a small program to test correctness of an example and it shows >>> that it is incorrectly calculated in the document: >>> https://gist.github.com/3263677 >>> >>> I have also implemented an example from previous draft 00, section 1.2 >>> which shows that request MAC is calculated correctly there: >>> https://gist.github.com/3263765 >>> >>> Thank you, >>> Justas Janauskas >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
