3
OAuth Assertions Status Mike Jones November 8, 2012

OAuth Assertions Status

Embed Size (px)

DESCRIPTION

OAuth Assertions Status. Mike Jones November 8, 2012. OAuth Assertions & SAML Profile. Specifications very stable No normative changes since April 2012 WGLC introduced no normative Hannes needs usage statements for IESG letter - PowerPoint PPT Presentation

Citation preview

Page 1: OAuth Assertions Status

OAuth Assertions Status

Mike JonesNovember 8, 2012

Page 2: OAuth Assertions Status

OAuth Assertions & SAML Profile• Specifications very stable– No normative changes since April 2012– WGLC introduced no normative

• Hannes needs usage statements for IESG letter– OpenID Connect uses JWT Profile, which uses

Assertions Framework• Over a dozen implementations• Significant interop testing has occurred

– SAML Profile usage statements needed

Page 3: OAuth Assertions Status

JWT Bearer Token Profiles

• Fully parallel to SAML Profile (by design)– Only differences due to token formats– Likewise, no normative changes since April 2012

• Will be ready to go to WGLC once JWT is– Gated on JOSE specs going to WGLC


Assertions and Triggers

Assertions and Triggers

Documents
Assertions Question 1

Assertions Question 1

Documents
OAuth 2.0 Security IETF OAuth WG Conference Call, 14th December 2012

OAuth 2.0 Security IETF OAuth WG Conference Call, 14th December 2012

Documents
Demystifying OAuth

Demystifying OAuth

Documents
The Essential OAuth Primer: Understanding OAuth for Securing Cloud APIs

The Essential OAuth Primer: Understanding OAuth for Securing Cloud APIs

Technology
The OAuth 2.0 Authorization Frameworkself-issued.info/docs/draft-ietf-oauth-v2-30.pdf · 2012. 7. 15. · The OAuth 2.0 Authorization Framework draft-ietf-oauth-v2-30 Abstract The

The OAuth 2.0 Authorization Frameworkself-issued.info/docs/draft-ietf-oauth-v2-30.pdf · 2012. 7. 15. · The OAuth 2.0 Authorization Framework draft-ietf-oauth-v2-30 Abstract The

Documents
H. Tschofenig OAuth 2.0 Security: OAuth Open Redirector · OAuth 2.0 Security: OAuth Open Redirector draft-bradley-oauth-open-redirector-02.txt Abstract This document gives additional

H. Tschofenig OAuth 2.0 Security: OAuth Open Redirector · OAuth 2.0 Security: OAuth Open Redirector draft-bradley-oauth-open-redirector-02.txt Abstract This document gives additional

Documents
1 Chapter 6 Managements’ Assertions Financial Statement Assertions Page 58 - 61

1 Chapter 6 Managements’ Assertions Financial Statement Assertions Page 58 - 61

Documents
Assertions v2.0

Assertions v2.0

Documents
Larson assertions 081705

Larson assertions 081705

Documents
The Essential OAuth Primer: Understanding OAuth …docs.media.bitpipe.com/.../item_426600/The-Essentials-of-OAuth.pdfThe Essential OAuth Primer: Understanding OAuth for Securing Cloud

The Essential OAuth Primer: Understanding OAuth …docs.media.bitpipe.com/.../item_426600/The-Essentials-of-OAuth.pdfThe Essential OAuth Primer: Understanding OAuth for Securing Cloud

Documents
Identity Workshopinnovbfa.viabloga.com/files//Cloud_Identity_Summit... · OAuth 2.0 OAuth 1 + OAuth-WRAP + IETF = OAuth 2.0 Expanded participation with other major vendors such as

Identity Workshopinnovbfa.viabloga.com/files//Cloud_Identity_Summit... · OAuth 2.0 OAuth 1 + OAuth-WRAP + IETF = OAuth 2.0 Expanded participation with other major vendors such as

Documents
OAuth for TeraGrid Gateways - …security.ncsa.illinois.edu/teragrid-oauth/OAuthforTGGateways...OAuth for TeraGrid Gateways Jim Basney Jeff Gaynor

OAuth for TeraGrid Gateways - …security.ncsa.illinois.edu/teragrid-oauth/OAuthforTGGateways...OAuth for TeraGrid Gateways Jim Basney Jeff Gaynor

Documents
SV Assertions

SV Assertions

Documents
Intended status: Standards Track The OAuth 2.0 ... · The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on

Intended status: Standards Track The OAuth 2.0 ... · The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on

Documents
OAUTH 2 UND OPENID CONNECT SECURING MICROSERVICES … · OAUTH 2.0 101 RFC 6749: The OAuth 2.0 A uthorization Frame work RFC 6750: OAuth 2.0 Bearer Token Usage RFC 6819: OAuth 2.0

OAUTH 2 UND OPENID CONNECT SECURING MICROSERVICES … · OAUTH 2.0 101 RFC 6749: The OAuth 2.0 A uthorization Frame work RFC 6750: OAuth 2.0 Bearer Token Usage RFC 6819: OAuth 2.0

Documents
Twitter oauth

Twitter oauth

Documents
WordPress + OAuth

WordPress + OAuth

Technology
Core Assertions

Core Assertions

Documents
Entendiendo oAuth

Entendiendo oAuth

Documents
Asynchronous Assertions

Asynchronous Assertions

Documents
SystemVerilog Assertions Handbook · SystemVerilog Assertions Handbook

SystemVerilog Assertions Handbook · SystemVerilog Assertions Handbook

Documents
Mastering OAuth 2 - Adobe Inc.€¦ · leveraging the OAuth 2.0 Authorization Framework Mastering OAuth 2.0 Charles Bihis Mastering OAuth 2.0 OAuth 2.0 is a powerful authorization

Mastering OAuth 2 - Adobe Inc.€¦ · leveraging the OAuth 2.0 Authorization Framework Mastering OAuth 2.0 Charles Bihis Mastering OAuth 2.0 OAuth 2.0 is a powerful authorization

Documents
OAuth Passport

OAuth Passport

Documents
The Essential OAuth Primer: Understanding OAuth for Securing Cloud

The Essential OAuth Primer: Understanding OAuth for Securing Cloud

Documents
SystemVerilog Assertions and Assertion Planning . Part 1: A short tutorial on SystemVerilog Assertions . Part 2: Who should write assertions? Part 3: Planning where to use assertions

SystemVerilog Assertions and Assertion Planning . Part 1: A short tutorial on SystemVerilog Assertions . Part 2: Who should write assertions? Part 3: Planning where to use assertions

Documents
oAuth test

oAuth test

Documents
OAuth Hacks A gentle introduction to OAuth 2 and Apache Oltu

OAuth Hacks A gentle introduction to OAuth 2 and Apache Oltu

Internet
Update Twitter Status Using PHP and OAuth

Update Twitter Status Using PHP and OAuth

Documents
Everything OAuth

Everything OAuth

Technology