[Openid-specs-fapi] Fwd: [OAUTH-WG] Call for Adoption: Mutual TLS Profiles for OAuth Clients

Nat Sakimura nat at sakimura.org
Wed May 3 17:36:56 UTC 2017


It is not about the trust.
It is about avoiding bearer tokens (client secret, access token, refresh 
token)
but use a bound token.

Best,

---
Nat Sakimura
Research Fellow, Nomura Research Institute
Chairman of the Board, OpenID Foundation

On 2017-05-04 01:13, Tom Jones via Openid-specs-fapi wrote:
> I have tried to understand how this standard would help provide trust
> between the client and the endpoint, but I just don't see it. I know
> that trust is needed, particularly in the case of dynamic
> registration, but this does not seem to help that in any obvious way.
> 
> ..tomj
> 
> On Thu, Apr 20, 2017 at 10:44 AM, John Bradley via Openid-specs-fapi
> <openid-specs-fapi at lists.openid.net> wrote:
> 
>> It would help if others chime in on the OAuth mailing list to
>> request this be adopted.
>> 
>> People saying they want to use it always helps focus people.
>> 
>> Regards
>> John B.
>> 
>> Begin forwarded message:
>> 
>> FROM: John Bradley <ve7jtb at ve7jtb.com>
>> 
>> SUBJECT: RE: [OAUTH-WG] CALL FOR ADOPTION: MUTUAL TLS PROFILES FOR
>> OAUTH CLIENTS
>> 
>> DATE: April 20, 2017 at 2:40:20 PM GMT-3
>> 
>> TO: Hannes Tschofenig <hannes.tschofenig at gmx.net>
>> 
>> CC: "oauth at ietf.org" <oauth at ietf.org>
>> 
>> I accept the adoption as a starting point.
>> 
>> John B.
>> 
>> On Apr 20, 2017, at 1:32 PM, Hannes Tschofenig
>> <hannes.tschofenig at gmx.net> wrote:
>> 
>> Hi all,
>> 
>> based on the strong support for this document at the Chicago IETF
>> meeting we are issuing a call for adoption of the "Mutual TLS
>> Profiles
>> for OAuth Clients" document, see
>> https://tools.ietf.org/html/draft-campbell-oauth-mtls-01 [1]
>> 
>> Please let us know by May 4th whether you accept / object to the
>> adoption of this document as a starting point for work in the OAuth
>> working group.
>> 
>> Ciao
>> Hannes & Rifaat
>> 
>> _______________________________________________
>> OAuth mailing list
>> OAuth at ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth [2]
> 
> _______________________________________________
>  Openid-specs-fapi mailing list
>  Openid-specs-fapi at lists.openid.net
>  http://lists.openid.net/mailman/listinfo/openid-specs-fapi [3]
> 
> --
> 
> ..tom
> 
> Links:
> ------
> [1] https://tools.ietf.org/html/draft-campbell-oauth-mtls-01
> [2] https://www.ietf.org/mailman/listinfo/oauth
> [3] http://lists.openid.net/mailman/listinfo/openid-specs-fapi
> 
> _______________________________________________
> Openid-specs-fapi mailing list
> Openid-specs-fapi at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-fapi


More information about the Openid-specs-fapi mailing list