: Freitag, 7. Februar 2025 18:56
An: Steffen Schwalm
Cc: oauth@ietf.org
Betreff: Re: [OAUTH-WG] Re: Status List Feature Request
Caution: This email originated from outside of the organization. Despite an
upstream security check of attachments and links by Microsoft Defender for
Office, a residual risk
While going through the feedback and issues on github, there was one bigger
discussion point that we would like to bring to the mailing list. Steffen
Schwalm asked for support for X.509 Certificate revocation with the Status List
- in that case the Status List describing the status of an
ns. Only open attachments and links from
known and trusted senders.
Legal requirements can only be adjudicated by legal means. The common approach
in standards developments should be to enable a legal solution not to mandate
it.
thx ..Tom (mobile)
On Mon, Dec 16, 2024, 11:14 PM Steffen
In > 80% of use cases the retention period is not defined by law but defined by
records manager after receiving the information from holder. So data retention
won`t work. For those thinking about GDPR: Yes possible within GDPR too as GDPR
does not require definition retention during collection o
Hi Mike,
as you mentioned relevant is consensus not alleged majority.
Von: Michael Jones
Gesendet: Dienstag, 3. Dezember 2024 16:24
An: Hannes Tschofenig ; oauth@ietf.org
Betreff: [OAUTH-WG] Re: Precipitous unreviewed change
Caution: This email originated from outside of the organization. Desp
he rough consensus that is missing -
that's why I pointed to the two threads of discussions - and not to ignore the
usual IETF processes.
Am 13.11.24 um 22:34 schrieb Steffen Schwalm:
great work! Looking at [1] and [2] there`s obviously no consensus – which
implies a breach o
ut they are wrong according
to your own rules. We would not have to waste our time if the editors of SD-JWT
VC draft would follow IETF Rules and keep the agreements they made with
internal and external parties.
Best
Steffen
Von: Brian Campbell
Gesendet: Montag, 18. November 2024 12:51
An: S
Markus
On 11/14/24 7:00 PM, Daniel Fett wrote:
Steffen,
I am surprised and somewhat startled by the tone in your message. My message to
this list was clearly intended to find the rough consensus that is missing -
that's why I pointed to the two threads of discussions - and not to igno
ge to
this list was clearly intended to find the rough consensus that is missing -
that's why I pointed to the two threads of discussions - and not to ignore the
usual IETF processes.
Am 13.11.24 um 22:34 schrieb Steffen Schwalm:
great work! Looking at [1] and [2] there`s obviously no consen
d not to ignore the
usual IETF processes.
Am 13.11.24 um 22:34 schrieb Steffen Schwalm:
great work! Looking at [1] and [2] there`s obviously no consensus – which
implies a breach of Sections 1.2, 5 and 9.2 of the IETF Directives on Internet
Standards Process.
These are strong accusations. I presume you&
Hi Daniel,
great work! Looking at [1] and [2] there`s obviously no consensus – which
implies a breach of Sections 1.2, 5 and 9.2 of the IETF Directives on Internet
Standards Process. An assumption is great but not sufficient as in any
standardization body. According to IETF rules the consensus
@Christian: If you want to replace certificates with JWT/CWT (in case using it
for QEAA acc. Art. 45b ff.) it might be meaningful regarding validation (and so
revocation subjects) to have look into current development of ETSI EN 319 102
(last version 03/24) which defines current signature valida
12 matches
Mail list logo
