Thursday, July 28, 2022< ^ >
Meetecho has set the subject to: OAuth at IETF113
Room Configuration
Room Occupants

[18:06:21] <zulipbot> (Jaimandeep Singh) yes its okay
[18:07:00] <zulipbot> (Jaimandeep Singh) we can see at remote
[18:20:09] <zulipbot> (George Fletcher) Given values are json strings... are there any serialization requirements for those JSON strings to ensure the hashes match?
[18:23:50] <zulipbot> (Aaron Parecki) can the remote people hear us okay?
[18:24:03] <zulipbot> (Hirsch Singhal) Sounds good to me
[18:24:03] <zulipbot> (Aaron Parecki) 👍
[18:24:16] <zulipbot> (Joseph Heenan) yes, all good apart from when John didn't speak into the mic :)
[18:30:49] <zulipbot> (George Fletcher) Is it possible to add "blinded claim names" as an extension?
[18:56:02] <zulipbot> (George Fletcher) Open source that supports MLTS between services as well as OAuth MTLS bound OAuth tokens.
[19:03:12] <zulipbot> (George Fletcher) Netflix blog:
[19:03:36] <zulipbot> (George Fletcher)
[19:05:44] <zulipbot> (George Fletcher) Also, macaroons from Google might work in some cases here
[19:10:32] <zulipbot> (Brian Campbell)
[19:10:58] <zulipbot> (Brian Campbell) is the JWT BCP
[19:13:01] <zulipbot> (Aaron Parecki)
[19:14:20] <zulipbot> (Joseph Heenan) Should specs that use JWTs (e.g. dpop) reference the JWT BCP?
[19:15:25] <zulipbot> (Benjamin Kaduk) Probably
[19:22:44] <zulipbot> (Brian Campbell) as placeholder for dpop ref to JWT BCP FYI and FWIW
[19:24:59] <zulipbot> (George Fletcher) Anyone have the link to the NIST algorithm name list? I must searching on the incorrect terms :)
[19:25:58] <zulipbot> (Aaron Parecki) this maybe?
[19:27:11] <zulipbot> (George Fletcher) Thanks... that has the post quantum ones... I thought I heard someone say (during these side meetings) to a list where NIST defined full names like sha2-512.
[19:28:03] <zulipbot> (Benjamin Kaduk) Oh, that's not the question I heard either.
The relevant NIST standard will include names for the various algorithms.  Let me remember which one has hashes...
[19:28:49] <zulipbot> (Benjamin Kaduk) would be (IMO) the "official" names
[19:30:35] <zulipbot> (George Fletcher) Thanks
[19:33:46] <zulipbot> (Aaron Parecki) bye!