Re: [OAUTH-WG] Token Access Authentication Scheme Draft

2010-02-04 Thread John Panzer
On Thu, Feb 4, 2010 at 12:02 AM, Eran Hammer-Lahav wrote: > Thanks John. > > > -Original Message- > > From: John Panzer [mailto:jpan...@google.com] > > Sent: Tuesday, December 08, 2009 11:29 AM > > > Suggestion: It would be better to start with simple examples (bearer > token) > > which av

[OAUTH-WG] Which draft to use as a starting point for 'using a token'?

2010-02-04 Thread Eran Hammer-Lahav
On the call today I clarified what is going on with all the different drafts. In brief: draft-hammer-oauth - documentation of the OAuth 1.0 Rev A (with changes) protocol. This is done and should be approved by the IESG shortly for publication. draft-ietf-oauth-authentication - the part of OAut

Re: [OAUTH-WG] proposed agenda for second interim meeting

2010-02-04 Thread Peter Saint-Andre
Indeed. Feel free to start separate threads on each, add them to the issue tracker, etc. I'll be mostly offline (travelling) for the next 36 hours but will try to catch up then. Thanks to everyone who participated in today's call. On 2/4/10 4:26 PM, Eran Hammer-Lahav wrote: > All these items are

Re: [OAUTH-WG] proposed agenda for second interim meeting

2010-02-04 Thread Eran Hammer-Lahav
All these items are still open for discussion, even if we didn't get to them on the call. EHL > -Original Message- > From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf > Of Eran Hammer-Lahav > Sent: Tuesday, February 02, 2010 11:25 PM > To: Peter Saint-Andre; OAuth WG

[OAUTH-WG] third OAuth interim meeting

2010-02-04 Thread Peter Saint-Andre
The OAuth WG will hold its third in a series of virtual interim meetings on February 18, 2010, at 19:00 UTC. This will be a two-hour call to work through a number of open issues leading up to IETF 77.

Re: [OAUTH-WG] UMA use cases (was Re: proposed agenda for second interim meeting)

2010-02-04 Thread Anthony Nadalin
Agree on the measurable/enforceable items -Original Message- From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of Paul C. Bryan Sent: Thursday, February 04, 2010 2:38 PM To: OAuth WG Subject: Re: [OAUTH-WG] UMA use cases (was Re: proposed agenda for second interim me

Re: [OAUTH-WG] UMA use cases (was Re: proposed agenda for second interim meeting)

2010-02-04 Thread Paul C. Bryan
On Thu, 2010-02-04 at 19:17 +, Anthony Nadalin wrote: > > use UMA to require the requester to assure her they will not misuse > or further share her information > > Not sure how UMA would be able to deal with this, if you look at > things like the OECD Data Protection Principles (on which Priv

Re: [OAUTH-WG] UMA use cases (was Re: proposed agenda for second interim meeting)

2010-02-04 Thread Igor Faynberg
I think it is worth a detailed discussion to conclude whether or not UMA addresses the OECD principles. I don't have an opinion, and I don't know OECD well enough to have one, but I think it is important, and I am glad that Anthony has brought this up. Igor Anthony Nadalin wrote: use UMA to

Re: [OAUTH-WG] UMA use cases (was Re: proposed agenda for second interim meeting)

2010-02-04 Thread Anthony Nadalin
> use UMA to require the requester to assure her they will not misuse or > further share her information Not sure how UMA would be able to deal with this, if you look at things like the OECD Data Protection Principles (on which Privacy laws have been based) there are a lot of things considered

Re: [OAUTH-WG] proposed agenda for second interim meeting

2010-02-04 Thread Peter Saint-Andre
On 2/4/10 11:52 AM, Dick Hardt wrote: > > On 2010-02-04, at 10:47 AM, Peter Saint-Andre wrote: > >> >> >> On 2/3/10 11:55 AM, Dick Hardt wrote: >>> I recall from the call that Peter did ask if there was consensus >>> on the approach of gathering use cases. There seemed consensus >>> that the WG

Re: [OAUTH-WG] proposed agenda for second interim meeting

2010-02-04 Thread Dick Hardt
On 2010-02-04, at 10:47 AM, Peter Saint-Andre wrote: > > > On 2/3/10 11:55 AM, Dick Hardt wrote: >> I recall from the call that Peter did ask if there was consensus on >> the approach of gathering use cases. There seemed consensus that the >> WG might not fully understand the problem and that t

Re: [OAUTH-WG] proposed agenda for second interim meeting

2010-02-04 Thread Peter Saint-Andre
On 2/3/10 11:55 AM, Dick Hardt wrote: > I recall from the call that Peter did ask if there was consensus on > the approach of gathering use cases. There seemed consensus that the > WG might not fully understand the problem and that this made sense. I agree, but given that we haven't had a lot of

Re: [OAUTH-WG] UMA use cases (was Re: proposed agenda for second interim meeting)

2010-02-04 Thread Dick Hardt
On 2010-02-03, at 10:54 AM, Eve Maler wrote: > > - There is a conceptual similarity between the UMA and WRAP entities, but our > analysis so far shows it to be shallow in spots. For example, WRAP's > "protected resource" maps fairly well to an UMA "host" (which may host any > number of prote

Re: [OAUTH-WG] What are the primary criteria in issuing an authentication challenge?

2010-02-04 Thread Peter Saint-Andre
If James is interested in this then he can write an Internet-Draft. That's how the IETF works. :) IMHO such a WWW-Authenticate header might be quite useful, if we think that random entities might try to access a resource that is protected and therefore might need a way to know that they can acce

[OAUTH-WG] Use case: photo framing app access new photo service

2010-02-04 Thread Manger, James H
Below is a scenario that captures most of the key aspects that I believe OAuth specs should support. [Some might recognize it from 19 months ago on the OAuth googlegroups list] Consider an app (the client) that adds pretty frames to photos. The app understands Atom feeds that hold collections

Re: [OAUTH-WG] proposed agenda for second interim meeting

2010-02-04 Thread Vrancken Bart bv
Hi folks, In the beginning of December, I posted 2 use cases for multi-level delegation, but I didn't receive a lot of feedback there: http://www.ietf.org/mail-archive/web/oauth/current/msg00807.html Please feel free to provide feedback, now that we are discussing use cases. Best regards, Bart

Re: [OAUTH-WG] Token Access Authentication Scheme Draft

2010-02-04 Thread Eran Hammer-Lahav
Thanks John. > -Original Message- > From: John Panzer [mailto:jpan...@google.com] > Sent: Tuesday, December 08, 2009 11:29 AM > Suggestion: It would be better to start with simple examples (bearer token) > which avoids the need to wade through concepts like timestamp > synchronization and