[OAUTH-WG] Re: Call for adoption - RFC7523bis

2025-02-13 Thread Dima Postnikov
I support the adoption of *RFC7523bis* draft. On Fri, Feb 7, 2025 at 3:38 AM Rifaat Shekh-Yusef wrote: > All, > > This is a call for adoption for the *RFC7523bis* draft that was discussed > recently during the last interim meeting: > https://datatracker.ietf.org/doc/draft-jones-oauth-rfc7523bis/

[OAUTH-WG] Re: late review of draft-ietf-oauth-selective-disclosure-jwt-15

2025-02-13 Thread Rohan Mahy
Hi, I have a few comments on Section 10.1. However, when the user only discloses a birthdate to one Verifier and a > postal code to another Verifier, the two Verifiers should not be able to > determine that they were interacting with the same user. Regarding presentation unlinkability and verifie

[OAUTH-WG] Re: Call for adoption - RFC7523bis

2025-02-13 Thread Michael Fraser
Hi, I support adoption Thanks, Michael Fraser

[OAUTH-WG] Re: [External Sender] Re: Call for adoption - RFC7523bis

2025-02-13 Thread George Fletcher
I support adoption On Thu, Feb 13, 2025 at 9:28 AM Nat Sakimura wrote: > +1 > > On Thu, Feb 13, 2025 at 10:33 PM Dave Tonge > wrote: > >> Hi >> >> I support adoption >> >> Thanks >> >> Dave >> >> On Thu, 6 Feb 2025 at 17:37, Rifaat Shekh-Yusef >> wrote: >> >>> All, >>> >>> This is a call for a

[OAUTH-WG] Re: Call for adoption - RFC7523bis

2025-02-13 Thread Nat Sakimura
+1 On Thu, Feb 13, 2025 at 10:33 PM Dave Tonge wrote: > Hi > > I support adoption > > Thanks > > Dave > > On Thu, 6 Feb 2025 at 17:37, Rifaat Shekh-Yusef > wrote: > >> All, >> >> This is a call for adoption for the *RFC7523bis* draft that was >> discussed recently during the last interim meetin

[OAUTH-WG] Re: Call for adoption - RFC7523bis

2025-02-13 Thread Dave Tonge
Hi I support adoption Thanks Dave On Thu, 6 Feb 2025 at 17:37, Rifaat Shekh-Yusef wrote: > All, > > This is a call for adoption for the *RFC7523bis* draft that was discussed > recently during the last interim meeting: > https://datatracker.ietf.org/doc/draft-jones-oauth-rfc7523bis/ > > Rememb

[OAUTH-WG] WIMSE (was Re: Re: [RFC7523] JWT-SVID as a client_assertion)

2025-02-13 Thread John Kemp
I just wanted to make people on this thread aware of the related IETF WIMSE (https://datatracker.ietf.org/group/wimse/about/) work, as well as note SPIFFE issue #315 (https://github.com/spiffe/spiffe/issues/315) as being pieces of related work to profile JWTs to work with SPIFFE/SPIRE. Regards

[OAUTH-WG] Re: [RFC7523] JWT-SVID as a client_assertion

2025-02-13 Thread Erin Shepherd
So I’ve been thinking of similar > On 13 Feb 2025, at 01:24, Dmitry Telegin wrote: > > (Background: exploring the possibility of using SPIFFE as client > authentication mechanism at the Transaction Token service.) > > JWT-SVIDs, defined in SPIFFE, are regular JWTs, though with some > peculiar

[OAUTH-WG] Re: [RFC7523] JWT-SVID as a client_assertion

2025-02-13 Thread Warren Parad
It sounds like the SPIRE server is the AS. Which means that it must already have the clients registered and house their public keys or else the client signing doesn't work. Does SPIRE somehow not have this information already? On Thu, Feb 13, 2025, 01:25 Dmitry Telegin wrote: > (Background: exp