get mime
On November 13, 2012 12:00:08 PM PST, oauth-requ...@ietf.org wrote:
> If you have received this digest without all the individual message
> attachments you will need to update your digest options in your list
> subscription. To do so, go to
>
> https://www.ietf.org/mailman/listinfo/oauth
>
> Click the 'Unsubscribe or edit options' button, log in, and set "Get
> MIME or Plain Text Digests?" to MIME. You can set this option
> globally for all the list digests you receive at this point.
>
> Send OAuth mailing list submissions to
> oauth@ietf.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://www.ietf.org/mailman/listinfo/oauth
> or, via email, send a message with subject or body 'help' to
> oauth-requ...@ietf.org
>
> You can reach the person managing the list at
> oauth-ow...@ietf.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of OAuth digest..."
>
> Today's Topics:
>
> 1. Re: bag-of-keys metadata UC for the "mac" discussion (Phil Hunt)
> 2. Re: bag-of-keys metadata UC for the "mac" discussion
>    (Leif Johansson)
> 3. Review Volunteers (Hannes Tschofenig)
> 4. Meeting Minutes (Hannes Tschofenig)
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 12 Nov 2012 13:09:11 -0800
> From: Phil Hunt <phil.h...@oracle.com>
> To: Leif Johansson <le...@mnt.se>
> Cc: oauth@ietf.org
> Subject: Re: [OAUTH-WG] bag-of-keys metadata UC for the "mac"
>    discussion
> Message-ID: <7ef786e1-18e2-4974-a6bc-2c72be9f5...@oracle.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Leif,
>
> I've read this a couple of times and I think I'm getting lost in partial SAML
> vs. OAuth terminology. As a result, I thought you were saying:
>
> 1. It isn't practical to issue client credentials even with Dynamic
> Registration
> 2. You want to re-use key management already in place with OAuth2.
>
> These statements seem to be in conflict. Did you mean to say for number 2
> that you want to re-use key management already in place for SAML?
>
> Phil
>
> @independentid
> www.independentid.com
> phil.h...@oracle.com
>
> On 2012-11-08, at 8:01 AM, Leif Johansson wrote:
>
> > I promised to send a UC to the list as input to the discussion around new
> > token formats.
> >
> > ---
> >
> > Several large-scale deployments of public-key use a "bag-of-keys" model
> > for key management: you stick endpoint information together with public
> > keys for those endpoints in a signable container which is then signed with
> > a private key associated with some "trust provider" and distributed to all
> > entities/relying parties.
> >
> > Examples include various trust status lists formats and things like SAML
> > metadata.
> >
> > The latter case (SAML metadata) isn't necessarily tied to the SAML v2
> > _protocol_ but it is used for that. Large-scale SAML federations are often
> > set up to depend on distribution of signed SAML metadata.
> >
> > Consider the case when a large number of relying parties of such a SAML
> > federation are also either OAUTH2 resource or authorization servers. Today
> > all of those OAUTH2 entities have to be provisioned with separate client
> > secrets that have no relationship to the trust infrastructure already in use
> > in the federation.
> >
> > It is not uncommon for such federations to have 1000s and sometimes
> > 10000s of entities making client secret management something of a
> > scalability issue.
> >
> > Even with dynreg the problem of managing all of those client secrets
> > would still remain a *huge* (operational) security and scalability issue.
> >
> > There is therefore a desire among communities that have such deployments
> > to be able to re-use the key-management already in place for OAUTH2.
> >
> > Note that this example isn't tied to the SAML protocol at all.
> >
> > Leif
> > _______________________________________________
> > OAuth mailing list
> > OAuth@ietf.org
> > https://www.ietf.org/mailman/listinfo/oauth
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> <http://www.ietf.org/mail-archive/web/oauth/attachments/20121112/ede07590/attachment.htm>
>
> ------------------------------
>
> Message: 2
> Date: Mon, 12 Nov 2012 22:12:40 +0100
> From: Leif Johansson <le...@mnt.se>
> To: Phil Hunt <phil.h...@oracle.com>
> Cc: oauth@ietf.org
> Subject: Re: [OAUTH-WG] bag-of-keys metadata UC for the "mac"
>    discussion
> Message-ID: <50a16648.1030...@mnt.se>
> Content-Type: text/plain; charset=ISO-8859-1
>
> On 11/12/2012 10:09 PM, Phil Hunt wrote:
> > Leif,
> >
> > I've read this a couple of times and I think I'm getting lost in
> > partial SAML vs. OAuth terminology. As a result, I thought you were
> > saying:
> >
> > 1. It isn't practical to issue client credentials even with Dynamic
> > Registration
> > 2. You want to re-use key management already in place with OAuth2.
> >
> > These statements seem to be in conflict. Did you mean to say for
> > number 2 that you want to re-use key management already in place for SAML?
> >
> yep - "for" as in "for use by"
>
> ------------------------------
>
> Message: 3
> Date: Tue, 13 Nov 2012 10:19:24 -0500
> From: Hannes Tschofenig <hannes.tschofe...@gmx.net>
> To: "oauth@ietf.org WG" <oauth@ietf.org>
> Subject: [OAUTH-WG] Review Volunteers
> Message-ID: <9aba26c3-1b06-4d15-9268-5f75b20e9...@gmx.net>
> Content-Type: text/plain; charset=us-ascii
>
> We collected a number of action items last week. Here is my list
>
> 1. Token Revocation
>
> ACTION: Torsten to publish a draft update this week.
>
> ACTION: Volunteers to review the draft:
> - Amanda
> - Justin
> - Tony
>
> 2. draft-ietf-oauth-jwt-bearer
>
> ACTION: Justin to review JWT Bearer Token Profiles
>
> 3. OAuth Use Cases
>
> ACTION: Tony to work with Zachary on building out use cases and clarifying
> the audience of the doc.
>
> 4. JWT
>
> ACTION: Jeff Hodges, Klaas, and Leif to review the draft.
>
> 5. Security
>
> http://datatracker.ietf.org/doc/draft-tschofenig-oauth-security/
>
> ACTION: working group to provide feedback on the requirements.
>
> 6. Dynamic Client Registration
>
> ACTION: Hannes to ask UMA folks to review the doc.
> ACTION: Nat, John, Torsten to review the doc.
>
> ------------------------------
>
> Message: 4
> Date: Tue, 13 Nov 2012 10:40:21 -0500
> From: Hannes Tschofenig <hannes.tschofe...@gmx.net>
> To: "oauth@ietf.org WG" <oauth@ietf.org>
> Subject: [OAUTH-WG] Meeting Minutes
> Message-ID: <f640899a-b4e4-40b4-b961-64199c600...@gmx.net>
> Content-Type: text/plain; charset=us-ascii
>
> Hi all,
>
> please have a look at the meeting minutes from last week:
> http://www.ietf.org/proceedings/85/minutes/minutes-85-oauth
>
> Thanks to Amanda & Jean for taking notes.
>
> Ciao
> Hannes & Derek
>
> ------------------------------
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>
> End of OAuth Digest, Vol 49, Issue 11
> *************************************