IETF
oauth@jabber.ietf.org
Thursday, July 24, 2014< ^ >
Barry Leiba has set the subject to: OAuth WG | http://tools.ietf.org/wg/oauth/ | IETF 85 audio stream: http://ietf85streaming.dnsalias.net/ietf/ietf854.m3u
Room Configuration
Room Occupants

GMT+0
[02:05:01] metricamerica joins the room
[02:24:57] metricamerica leaves the room
[14:03:35] metricamerica joins the room
[15:15:06] metricamerica leaves the room
[16:51:33] metricamerica joins the room
[18:57:38] metricamerica leaves the room
[19:07:41] derek joins the room
[19:07:53] derek leaves the room
[19:08:08] Tom Yu joins the room
[19:08:10] derek joins the room
[19:12:44] metricamerica joins the room
[19:15:08] <derek> hopefully the audio will show up...
[19:15:23] <derek> (not sure why this says ietf85)
[19:15:46] <Tom Yu> probably nobody has changed the chat room topic since then
[19:16:53] derek has set the subject to: OAuth WG | http://tools.ietf.org/wg/oauth/ | IETF 90 audio stream: http://ietf90streaming.dnsalias.net/ietf/ietf903.m3u
[19:16:58] <derek> Okay, I can fix that
[19:17:09] <derek> now, hopefully the audio will actually show up
[19:17:22] <derek> (still have 3 minutes)
[19:18:14] metricamerica joins the room
[19:18:38] metricamerica leaves the room
[19:18:45] Ben Kaduk joins the room
[19:19:29] <Ben Kaduk> The audio stream is not working; is that expected?
[19:19:41] <derek> Define "expected"
[19:19:55] Bill Mills joins the room
[19:20:02] <Ben Kaduk> Well, stream06 is connected and "playing" slience, but stream03 won't connect at all.
[19:20:20] <Ben Kaduk> This is the same state that stream02 was in at the beginning of the SAAG session.
[19:20:29] <Ben Kaduk> Oh, now it came up.  Yay.
[19:20:31] <Bill Mills> The streaming audio link did not work for me
[19:20:38] <Bill Mills> is there a meetcho?
[19:20:53] <Ben Kaduk> Well, I think it came up.  Haven't heard enough yet to be sure it's the right stream.
[19:20:56] <derek> No, no meetecho, sorry.
[19:21:01] <derek> Sounds like Hannes.
[19:21:05] <Bill Mills> ah, audo might be coming up now
[19:21:12] <derek> And Mike... so yes, the right place.
[19:21:20] <derek> Hopefully Hannes will get a jabber scribe for the room
[19:21:53] <Bill Mills> got audio now
[19:22:56] <Bill Mills> wow Hannes is very loud :)
[19:23:04] semery joins the room
[19:23:07] <derek> Hi Hannes
[19:23:23] Kathleen Moriarty joins the room
[19:23:32] <Kathleen Moriarty> agenda slide
[19:23:53] metricamerica leaves the room
[19:23:57] JeffH joins the room
[19:25:17] <semery> "Document Status"
[19:27:45] <semery> "Document Status, cont."
[19:28:23] <semery> "Document Status, cont."
[19:29:26] <semery> "Published Security Advisory for "Covert Redirect""
[19:30:41] <semery> End Slides
[19:31:24] <semery> Presentation: "OAuth Dynamic Client Registration"
[19:31:47] <Bill Mills> lots of static on that mic
[19:31:50] <Bill Mills> you fixed it
[19:32:13] <Bill Mills> Justin's magnetic personality strikes again
[19:32:22] <semery> "Since last we met"
[19:32:48] tsitkova joins the room
[19:33:42] <Bill Mills> Justin is too close to the mic
[19:34:17] <semery> "Open Issue: IPR Attribution"
[19:39:36] <semery> "Open Issue: "application_type""
[19:46:16] <Ben Kaduk> We only got silence for both sides of the hum, on the audio stream...
[19:46:52] <semery> There were one for removing, a few for keeping.
[19:48:11] <derek> Thank you!
[19:49:13] <semery> "Open Issue: client_secret_expires_at"
[19:54:48] tsitkova leaves the room
[19:55:15] <semery> "Open Issue: Management API"
[20:00:06] <semery> I have to leave for tcpinc for the TLS discussions.  Hopefully someone here can take over as jabber scribe.
[20:00:34] semery leaves the room
[20:00:36] <JeffH> i can do it
[20:01:01] <derek> thank
[20:01:05] <derek> er, thanks
[20:02:08] <JeffH> next talk IETF OAuth
Proof-of-Possession
[20:02:38] <JeffH> http://www.ietf.org/proceedings/90/slides/slides-90-oauth-7.pptx
[20:03:00] <JeffH> slide 3 architecture
[20:04:09] <JeffH> jumped to slide 7
[20:04:28] <JeffH> PoP Token: Symmetric Key Example
[20:04:49] <JeffH> then back to #4
[20:04:58] <JeffH> # = slide in the following
[20:05:39] cabo joins the room
[20:06:12] <JeffH> he (Hannes) jumped thru the illustration slides too rapidly to report
[20:06:56] <JeffH> on #16 next steps
[20:17:11] <JeffH> does "document bundle" refer to _all_ docs in this WG ?
[20:17:32] <Tom Yu> i think they mean the proof-of-possession docs
[20:18:15] <JeffH> next talk: token introspection  #2
[20:18:26] <JeffH> #2 = slide 2
[20:18:47] <JeffH> #3 what is it for?
[20:22:31] <derek> I thnk we're on slide 5 now?
[20:22:49] <Ben Kaduk> That was my guess, too :)
[20:22:51] <JeffH> #5 usage patterns (sorry)
[20:22:56] <derek> heh
[20:23:05] <JeffH> #4 was Basic Process
[20:23:10] <JeffH> #6 doc status
[20:24:49] <derek> mic: the way kerberos solves that is that you include the "public" information outside the encryption.
[20:25:03] <derek> (i.e. you duplicate the data)
[20:30:47] <JeffH> relayed
[20:30:59] JeffH justin sits down
[20:32:36] <JeffH> OAuth Symmetric Proof of Possession for Code Extension
[20:32:39] <JeffH> nat sakamua
[20:32:52] <JeffH> misspelled sorry
[20:32:58] <JeffH> Sakimura
[20:33:11] <JeffH> #2 Problem stmt
[20:34:18] <JeffH> #3 solution
[20:35:15] <JeffH> #4 FAQ
[20:35:37] <Ben Kaduk> Who are "the developers"?
[20:36:07] <JeffH> pls prepend "mic" if you wish mic relaying
[20:36:27] <Ben Kaduk> I was hoping it was supposed to be sufficiently obvious that someone here would just know.
[20:36:51] <derek> I think the "OIDC Developers"
[20:37:43] <Tom Yu> it seems like it is working around a mobile platform vulnerability
[20:38:10] <JeffH> yes, tho it is a real need
[20:39:15] <JeffH> #8 draft is short
[20:39:27] <JeffH> hum: strong for accept
[20:39:35] <JeffH> no discernable objections on hum....
[20:39:38] <Tom Yu> i can believe it is a real need, and the solution as described in the presentation seems reasonable
[20:40:52] <derek> good
[20:41:15] <JeffH> draft-hunt-oauth-v2-user-a4c -- mike jones
[20:41:15] <JeffH> http://www.ietf.org/proceedings/90/slides/slides-90-oauth-1.pdf
[20:42:35] <JeffH> #2 draft
-
hunt
-
oauth
-
v2
-
user
-
a4c
in a nutshell
[20:42:56] JeffH that was suboptimal.....  :-/
[20:43:44] <JeffH> #3
[20:43:52] <JeffH> Reasons It Exists
[20:46:24] <JeffH> #3 Possible Factoring of Deliverables
[20:46:35] <JeffH> #4 actually
[21:02:35] <JeffH> slide #5: questions to WG
[21:02:50] Bill Mills leaves the room
[21:02:51] <Kathleen Moriarty> The temp in the room should start to come down soon
[21:03:00] <JeffH> thanks :)
[21:03:47] <JeffH> hum: modest support for WG taking this on
[21:03:52] <derek> I just thought it was the conversation that was heating up...
[21:03:59] <JeffH> stronger hum for 'not ready'
[21:04:09] <Kathleen Moriarty> almost 80 degrees
[21:05:55] Bill Mills joins the room
[21:07:52] <JeffH> draft-jones-oauth-token-exchange -- mike jones again
[21:08:01] <JeffH> #1 background
[21:08:05] <JeffH> #2 sorry
[21:08:29] <JeffH> http://www.ietf.org/proceedings/90/slides/slides-90-oauth-2.pdf
[21:08:40] <JeffH> #3 design goals
[21:09:39] <JeffH> #4 act-as scenarios
[21:10:13] <JeffH> skip to #6 New Grant Type
Used
at Token Endpoint
[21:10:28] <JeffH> #7 Optional
Request
Parameters
[21:10:45] <JeffH> #8 Questions to the Working Group
[21:16:10] cabo leaves the room
[21:16:25] <JeffH> draft-sakimura-oauth-requrl
[21:16:37] <JeffH> http://www.ietf.org/proceedings/90/slides/slides-90-oauth-3.pptx
[21:16:47] <JeffH> #2 in the begging, was....
[21:17:39] <JeffH> #3 Advantage of using JWT/JWS/JWE
[21:17:50] <JeffH> #4 Advantage of using references
[21:18:08] <JeffH> #5 After that …
[21:23:19] JeffH leaves the room
[21:24:09] Tom Yu leaves the room
[21:24:16] Bill Mills leaves the room
[21:24:21] Kathleen Moriarty leaves the room
[21:24:25] <derek> Bye all, thank you!
[21:24:28] derek leaves the room
[21:28:16] cabo joins the room
[21:30:35] Ben Kaduk leaves the room
[21:46:42] Kathleen Moriarty joins the room
[22:35:14] Kathleen Moriarty leaves the room
[22:44:40] cabo leaves the room
Powered by ejabberd Powered by Erlang Valid XHTML 1.0 Transitional Valid CSS!