A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : Thoughts about Digital Signatures for the Open Web Authentication (OAuth) Protocol
Author(s) : H. Tschofenig, B. Cook
Filename : draft-tschofenig-oauth-signature-thoughts-00.txt
Pages : 18
Date : 2010-10-18
The initial version of the Open Web Authentication Protocol (OAuth
1.0), often referred to as the community addition, included an
mechanism for putting a digital signature (when using asymmetric
keys) or a keyed message digest (when using symmetric keys) to a
resource request when presenting the OAuth token. This cryptographic
mechanism has lead to lots of discussions, particularly about the
problems implementers had, the use cases it supports, and the
benefit-cost tradeoff.
This document tries to describe the use of the so-called 'OAuth
Signature' mechamism in an unbiased and less emotional way with the
main purpose to conclude the discussions.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-tschofenig-oauth-signature-thoughts-00.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-tschofenig-oauth-signature-thoughts-00.txt>
-
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt