On Monday's security session we discussed ways on what to provide in the security consideration for the OAuth specifications. We wanted to have another session on Thursday, November 9th, starting at 18:10 at the IAB breakout room (Jade 2).
OAuth allows a user to grant a third-party Web site or application access to their resources, without necessarily revealing their credentials, or even their identity. The OAuth working group, see http://datatracker.ietf.org/wg/oauth/charter/, is currently trying to finalize their main specification, namely OAuth v2: http://datatracker.ietf.org/doc/draft-ietf-oauth-v2/
Based on the positive response at the last IETF meeting (in Maastricht) we decided to hold another OAuth tutorial, namely on *Wednesday, starting at 19:30 (after the IETF Operations and Administration Plenary) till about 21:00. (Note: I had to switch the day because of the social event!)
It is helpful to read through the documents available int he working group but not required.
The goal of this bar BoF is to work out a proper working scope in IETF to offer more efficient transport for HTTP streaming.
The agenda, slides and drafts can be found in the following link:
There have been two bar BoF meetings for IoT (Internet of Things) at IETF 77 and IETF 78. Gyu Myoung, Bruce and I would like to arrange an informal meeting to discuss the PS draft (draft-lee-iot-problem-statement-00) and Charter (coming soon) for IoT RG at IETF 79. We cordially invite you to join us.
The security consideration section of OAuth 2.0 (draft -10) is still empty. Hence, we would like to put some time aside to discuss what security threats, requirements, and countermeasures need to be described. We will use the Monday, November 8, 1300-1500 slot to have a discussion session.
As a starting point I suggest to look at the following documents:
Note: If you are unfamiliar with OAuth then the OAuth tutorial session might be more suitable for you!
We had live demonstration event in the last IETF 78 meeting in Maastricht. Now some different kind of implementations have been developed. We will show inter-operation between following platforms.
Contact: Jun-ya Kato (firstname.lastname@example.org)