oauth ietf 74 bof

OAuth BoF IETF 74

Upload: eran

Post on 16-Jul-2015

464 views

Category:

Technology

1 download

Report

Download

Embed Size (px):

TRANSCRIPT

OAuth BoF

IETF 74

draft-hammer-oauth-01

• Introduction / Expectations• Use cases• Document structure• Terminology• Examples

Interoperability

• No required Signature Method• 3 Parameter methods• Endpoints HTTP methods• Documentation / Discovery• Client registration• Error codes

Security

• Signature scope• Secrets in the clear• DoS Attacks• Callbacks

New Features

• Alternative Token methods• Body hash• Language preference

ROAP BOF, IETF'681 Architectural Issues for Identifiers and Locators Dave Thaler [email protected]

(Geneva, Switzerland, 4 June 2013) · • IETF BoF on Software Driven Networks (SDN) • IRTF BoF on Network Virtualization • IETF WG on Interface to Routing System (I2RS) (conceptually

@dfett42 How (Not) to Use OAuth · OAuth 2.0 Security Best Current Practice RFC Under development at the IETF Refined and enhanced security guidance for OAuth 2.0 implementers Complements

OAuth 2.0 Token Binding - IETF Again? l Specify a proof-of-possession mechanism based on Token Binding for OAuth 2.0 (& OpenID Connect) to defeat replay of lost or stolen tokens

Education (EDU) BOF IETF 57 – Vienna, Austria Margaret Wasserman [email protected]

Content Distribution Internetworking IETF BOF

IETF BoF Session Layer 2 Control between Access Node and BNG

Extensible Supply-chain Discovery Services (ESDS) BOF IETF 71 – Philadelphia, PA, USA Ted [email protected] Mark [email protected]

Content Distribution Internetworking IETF BOF December 12, 2000 Phil Rzewski Gary Tomlinson

OAuth 2.0 Security IETF OAuth WG Conference Call, 14th December 2012

1IETF 63, Remote UI BoF WiDeX Problem Statement Dean Willis Vlad Stirbu RUI BoF, IETF 63, Paris August 2 nd, 2005

Http://standards.nortelnetworks.com/netconf/ PG 1 Netconf Data Model Netmod BOF – IETF 60 Sharon Chisholm – schishol@nortelnetworks,com Randy Presuhn -

ENUM Update for voipeer BOF Richard Shockey ENUM co-chair IETF 63 Paris

November 9, 2010 IETF 79 Beijing, China Synergy of the SCAP Program and IETF Activities BOF Chairs: Kent Landfield [email protected][email protected]

IETF 95 Buenos Aires OAuth 2.0 for Apps (Draft BCP)

- vertraulich / confidential - 65. IETF Meeting BoF, March 2006 Haag, Thomas, T-Systems ENPS PCT15th Seite 1, 22nd of March 2006 IETF BoF Session Layer

DICE BOF, IETF-87 Berlin

IETF-62TRILL BOF TRILL Routing Scalability Considerations Alex Zinin [email protected]

Enhanced NTP IETF – TicToc BOF Greg Dowd – [email protected] Jeremy Bennington – [email protected]@[email protected]

Identity Workshopinnovbfa.viabloga.com/files//Cloud_Identity_Summit... · OAuth 2.0 OAuth 1 + OAuth-WRAP + IETF = OAuth 2.0 Expanded participation with other major vendors such as

OAuth 2.0 Token Binding - IETF | Internet Engineering … Binding for Access Tokens l Section 3 of draft-ietf-oauth-token-binding-01 l Binds the access token to the token binding key

Draft Ietf Oauth V2 12

IETF% - ENOGInitiating new work in the IETF 12 Identify need – Birds of a Feather (BOF) Session often used to demonstrate the need, a constituency, and people willing to do the work

Newtrk-1 newtrk New IETF Standards Track Discussion BOF Chair: Scott Bradner Agenda 1/ description of current IETF Standards Track 2/ observations from

Application Performance Metrics APM BOF July 25, 2007 Alan Clark Al Morton IETF 69 – Chicago – July 2007

Solving IoT Security Challenges with OAuth 2 · The OAuth 2.0 for Native Apps (draft-ietf-oauth-native-apps> is relevant for this scenario. 16 Independent Gateway Examples Philips

The OAuth 2.0 Authorization Protocol - cleesh.com · The OAuth 2.0 Authorization Protocol draft-ietf-oauth-v2-25 Abstract The OAuth 2.0 authorization protocol enables a third-party

Netconf Data Model Netmod BOF – IETF 60

OAuthGuard: Protecting User Security and Privacy with OAuth 2.0 … · 1 INTRODUCTION Since the OAuth 2.0 authorisation framework was published as a draft standard by the IETF at

RTPSEC BoF IETF 68, Prague

DICE BOF, IETF-87 Berlin DTLS In Constrained Environments (DICE) BOF Wed 15:10-16:10, Potsdam 3 BOF Chairs: Zach Shelby, Carsten Bormann Responsible AD:

Give an app access to a resource managed by someone else ...OAuth 2)!6 Digitally signed (by you) 6 ... •IETF Draft: “OAuth 2.0 Threat model and Security Considerations ... OAUTH

P re- C ongestion N otification (PCN) BOF 67th IETF, San Diego, CA BOF Chairs: Anna Charny

Activity Summary - web.sfc.wide.ad.jpweb.sfc.wide.ad.jp/~tazaki/distfiles/tazaki-100615-intro.pdf · What’s MANEMO? • MANET for NEMO • Bar-BOF @IETF 68th (May, 2007) • Established

JavaOne 2013 BOF 3861 - Mixing OAuth 2.0, Jersey and Guice to Build an Ecosystem of Apps