I’m not sure you intend to discuss it in the Mix-up section, but I think we need time to discuss the correct configuration of clients and the resource/aud relationship issues (specifically: draft-campbell-oauth-resource-indicators <http://tools.ietf.org/id/draft-campbell-oauth-resource-indicators-01.txt> and draft-hunt-oauth-bound-config <http://tools.ietf.org/id/draft-hunt-oauth-bound-config-00.txt>).
There is apparently overlap with mix-up mitigation (either in reality or perception), so I think it is important to have a verbal discussion on this to get to consensus and understanding of the separate issues. As for POP-architecture, that has been on hold pending the mix-up discussions and understanding of dynamic client risks. So, not much need to discuss from my perspective. Thanks, Phil @independentid www.independentid.com <http://www.independentid.com/>phil.h...@oracle.com <mailto:phil.h...@oracle.com> > On Mar 21, 2016, at 1:15 PM, Hannes Tschofenig <hannes.tschofe...@gmx.net> > wrote: > > Hi all, > > I need your help creating the agenda for the next meeting. We have a 2 > 1/2 hour slot and many different topics to discuss. I put a strawman > proposal together but there are various things missing: > > * who volunteers to present and to lead the discussion, > * what time allocation is appropriate, > * what you are trying to accomplish during the meeting (goals), and > * what other items would you like to discuss (I know there are various > items missing from the list). > > So, you input is needed! > > ------- > > IETF 95 OAuth Meeting Agenda > Wednesday, 10:00-12:30 > Chairs: Hannes Tschofenig/Derek Atkins > > - Status Update (Hannes, 5 min) > > - OAuth 2.0 JWT Authorization Request (Nat, 15 min ) > https://datatracker.ietf.org/doc/draft-ietf-oauth-jwsreq/ > > - OAuth 2.0 Mix-Up Mitigation (TBD, 45 min) > https://datatracker.ietf.org/doc/draft-ietf-oauth-mix-up-mitigation/ > > - Proof-of-Possession (TBD, 35 min) > http://datatracker.ietf.org/doc/draft-ietf-oauth-proof-of-possession/ > http://datatracker.ietf.org/doc/draft-ietf-oauth-pop-architecture/ > http://datatracker.ietf.org/doc/draft-ietf-oauth-pop-key-distribution/ > https://datatracker.ietf.org/doc/draft-ietf-oauth-signed-http-request/ > > - Token Exchange (TBD, 15 min) > https://datatracker.ietf.org/doc/draft-ietf-oauth-token-exchange/ > > - OAuth 2.0 for Native Apps (William, 15 min) > http://datatracker.ietf.org/doc/draft-wdenniss-oauth-native-apps/ > > - Authentication Method Reference Values (Mike, 15 min) > https://datatracker.ietf.org/doc/draft-ietf-oauth-amr-values/ > > - Conclusion (Hannes, 5 min) > > ------- > > The latest version can be found at: > https://www.ietf.org/proceedings/95/agenda/agenda-95-oauth > > Ciao > Hannes & Derek > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
