Re: [OAUTH-WG] [SPICE] OAuth Digital Credential Status Attestations

I think both Pauls and Giuseppes approches are needed and should progress in the IETF. Cheers Leif ___ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth

Re: [OAUTH-WG] OAuth Digital Credential Status Attestations

Hi Hannes, Thank you for your quick reaction and also to Orie for sharing. I've submitted the draft, here: https://datatracker.ietf.org/doc/draft-demarco-status-attestations/ Regarding the term Attestation: good point. We have decided to use this term since in several IETF and OpenID drafts this

Re: [OAUTH-WG] [EXTERNAL] Issuers: Lamps <> Scitt

Seems reasonable to me. --- Mike Ounsworth From: Orie Steele Sent: Wednesday, January 17, 2024 11:40 AM To: Mike Ounsworth Cc: scitt ; LAMPS ; oauth Subject: Re: [EXTERNAL] Issuers: Lamps <> Scitt It seems OAUTH has a draft that also addresses the binding of `iss` to certificates:

Re: [OAUTH-WG] OAuth Digital Credential Status Attestations

Hi Guiseppe, Francesco, Orie, @Orie: Thanks for sharing the draft. As a quick reaction: It would be good to invent a new term for “attestation” in draft-demarco-status-attestations.html because this term is already widely used in a different context (see RFC 9334). @Guiseppe and Franc

[OAUTH-WG] OAuth Digital Credential Status Attestations

Hello Digital Credential Enthusiasts, See: https://peppelinux.github.io/draft-demarco-status-attestations/draft-demarco-status-attestations.html Note the use of the term digital credential, and the alignment to CWT based credentials and CWT based credential status lists. As a quick summary of th

Re: [OAUTH-WG] [SCITT] [EXTERNAL] Issuers: Lamps <> Scitt

Anything that will enable support for X.509 and PKCS #1 signatures would be good. The same is true for OpenPGP. Thanks, Dick Brooks Active Member of the CISA Critical Manufacturing Sector, Sector Coordinating Council – A Public-Private Partnership

Re: [OAUTH-WG] [EXTERNAL] Issuers: Lamps <> Scitt

It seems OAUTH has a draft that also addresses the binding of `iss` to certificates: > If the iss value contains a DNS name encoded as a URI using the DNS URI scheme [RFC4501]. In this case, the DNS name MUST match a dNSName Subject Alternative Name (SAN) [RFC5280] entry of the leaf certificate.

[OAUTH-WG] [Errata Verified] RFC7662 (4764)

The following errata report has been verified for RFC7662, "OAuth 2.0 Token Introspection". -- You may review the report below and at: https://www.rfc-editor.org/errata/eid4764 -- Status: Verified Type: Editorial Reported b

[OAUTH-WG] [Errata Verified] RFC6749 (5708)

The following errata report has been verified for RFC6749, "The OAuth 2.0 Authorization Framework". -- You may review the report below and at: https://www.rfc-editor.org/errata/eid5708 -- Status: Verified Type: Editorial Re

[OAUTH-WG] Call for Papers: TDI 2024 (co-located with OSW 2024)

Dear All, the next OAuth Security Workshop will be co-located with the 2nd International Workshop on Trends in Digital Identity (TDI 2024), which will take place in the same venue (Auditorium Antonianum, Rome, Italy) on April 9, 2024. In addition to some invited talks related to Government and Pub