Thanks Mike, "hwk" and "swk" would do. The actual auth method is indeed proving key possession, whereas x.509 is mostly about formatting.
Vladimir On 03/09/16 01:20, Mike Jones wrote: > Thanks for your question, Vladimir. No, there is not currently an > X.509-specific value defined. However, there are these related values: > > hwk > Proof-of-possession (PoP) of a hardware-secured key. See > Appendix C of [RFC4211] for a discussion on PoP. > > swk > Proof-of-possession (PoP) of a software-secured key. See > Appendix C of [RFC4211] for a discussion on PoP. > > Given that x.509 authentication is PoP authentication, these might apply, > depending upon your use case. Are you using an X.509 "amr" value in > practice? Remember that even if such a value isn't already in use now, if it > is ever need in the future, it can always be added later via the registry > established by this specification. > > Thanks again, > -- Mike > > -----Original Message----- > From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Vladimir Dzhuvinov > Sent: Wednesday, July 27, 2016 8:14 AM > To: oauth@ietf.org > Subject: Re: [OAUTH-WG] Working Group Last Call on "Authentication Method > Reference Values" > > > > On 18/07/16 17:30, Hannes Tschofenig wrote: >> Hi all, >> >> this is a Last Call for comments on the "Authentication Method >> Reference Values" specification. >> >> The document can be found here: >> https://tools.ietf.org/html/draft-ietf-oauth-amr-values-01 >> >> Please have your comments in no later than August 1st. > Thanks Hannes. > > Do we have an "amr" value for x.509 certificate based authentication? > >> Ciao >> Hannes & Derek >> > -- > Vladimir Dzhuvinov > > -- Vladimir Dzhuvinov :: vladi...@connect2id.com
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
