Some people and specs associate holder of key with asymmetric keys. Proof of possession is thought to be a broader category including symmetric and key agreement eg http://tools.ietf.org/html/rfc2875.
NIST defines the term PoP Protocol http://fismapedia.org/index.php?title=Term:Proof_of_Possession_Protocol In SAML the saml:SubjectConfirmation method is called urn:oasis:names:tc:SAML:2.0:cm:holder-of-key In WS* the term proof of possession is more common. So I think for this document as an overview "Proof of Possession (PoP) Architecture" is fine. John B. On Apr 3, 2014, at 12:41 PM, Phil Hunt <phil.h...@oracle.com> wrote: > What was wrong with HOK? > > Aside: Why was “the” so important in HOTK? > > Phil > > @independentid > www.independentid.com > phil.h...@oracle.com > > On Apr 3, 2014, at 9:37 AM, Anil Saldhana <anil.saldh...@redhat.com> wrote: > >> Prateek, >> why not just use "proof"? >> >> draft-hunt-oauth-proof-architecture-00.txt >> >> Is that allowed by IETF? >> >> >> Regards, >> Anil >> >> On 04/03/2014 11:30 AM, Prateek Mishra wrote: >>> "key confirmed" or "key confirmation" is another term that is widely used >>> for these use-cases >>>> I really *like* the name "proof of possession", but I think the acronym >>>> PoP is going to be confused with POP. HOTK has the advantage of not being >>>> a homonym for aything else. What about "Possession Proof"? >>>> >>>> -bill >>>> >>>> >>>> -------------------------------- >>>> William J. Mills >>>> "Paranoid" MUX Yahoo! >>>> >>>> On Thursday, April 3, 2014 1:38 AM, "internet-dra...@ietf.org" >>>> <internet-dra...@ietf.org> wrote: >>>> >>>> A new version of I-D, draft-hunt-oauth-pop-architecture-00.txt >>>> has been successfully submitted by Hannes Tschofenig and posted to the >>>> IETF repository. >>>> >>>> Name: draft-hunt-oauth-pop-architecture >>>> Revision: 00 >>>> Title: OAuth 2.0 Proof-of-Possession (PoP) Security Architecture >>>> Document date: 2014-04-03 >>>> Group: Individual Submission >>>> Pages: 21 >>>> URL: >>>> http://www.ietf.org/internet-drafts/draft-hunt-oauth-pop-architecture-00.txt >>>> Status: >>>> https://datatracker.ietf.org/doc/draft-hunt-oauth-pop-architecture/ >>>> Htmlized: >>>> http://tools.ietf.org/html/draft-hunt-oauth-pop-architecture-00 >>>> >>>> >>>> Abstract: >>>> The OAuth 2.0 bearer token specification, as defined in RFC 6750, >>>> allows any party in possession of a bearer token (a "bearer") to get >>>> access to the associated resources (without demonstrating possession >>>> of a cryptographic key). To prevent misuse, bearer tokens must to be >>>> protected from disclosure in transit and at rest. >>>> >>>> Some scenarios demand additional security protection whereby a client >>>> needs to demonstrate possession of cryptographic keying material when >>>> accessing a protected resource. This document motivates the >>>> development of the OAuth 2.0 proof-of-possession security mechanism. >>>> >>>> >>>> >>>> >>>> >>>> Please note that it may take a couple of minutes from the time of >>>> submission >>>> until the htmlized version and diff are available at tools.ietf.org. >>>> >>>> The IETF Secretariat >>>> >>>> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
