Re: New Non-WG Mailing List: unbearable

Hi,

IETF Secretariat <ietf-secretariat(_at_)ietf(_dot_)org> writes:

A new IETF non-working group email list has been created.

List address: unbearable(_at_)ietf(_dot_)org
Archive: http://www.ietf.org/mail-archive/web/unbearable/
To subscribe: https://www.ietf.org/mailman/listinfo/unbearable

Purpose:

This list is for discussion of proposals for doing better than bearer
tokens (e.g. HTTP cookies, OAuth tokens etc.) for web
applications. The specific goal is chartering a WG focused on
preventing security token export and replay attacks.



The OAUTH Working Group is already (and has been for a while!) looking
into "holder of key" protocols to improve upon Bearer Tokens.

I would suggest that this work happen there instead of creating a whole
new group for it.

-derek

For additional information, please contact the list administrators.


-- 
       Derek Atkins                 617-623-3745
       derek(_at_)ihtfp(_dot_)com             www.ihtfp.com
       Computer and Internet Security Consultant

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: [Json] Gen-ART and OPS-Dir review of draft-ietf-json-text-sequence-09, John Cowan

Next by Date:

RE: Blog: YANG Really Takes Off in the Industry, Ersue, Mehmet (NSN - DE/Munich)

Previous by Thread:

Re: New Non-WG Mailing List: unbearable, Douglas Otis

Next by Thread:

RE: [Unbearable] New Non-WG Mailing List: unbearable, Mike Jones

Indexes:

[Date] [Thread] [Top] [All Lists]