The IETF unbearable mailing list is truly unbearable: https://www.ietf.org/mail-archive/web/unbearable/current/msg00154.html …
-
-
@sleevi_ whatever, I'm just a Macaroon maniac...Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@bascule Oh, that's just low. Even I wouldn't rail on my team members like that. Not even remotely like CAS -
@sleevi_ add end-to-end proxy authentication using a challenge/response mechanism that adds an extra round-trip! https://jasig.github.io/cas/development/images/cas_proxy_flow_diagram.jpg … -
@sleevi_ Macaroons solve the proxy authentication problem beautifully without extra round-trips... -
@sleevi_ given this is all coming out of Google, I'm confused if Ulfar gave up on them or something... -
@bascule macaroons are bearer tokens. Channel ID / token binding is about preventing bearerer tokens. Apples to Engine Oil? -
@sleevi_ and what of "contextual caveats", one of the titular features described in the paper? -
@sleevi_ granted the recommended approach for contextual caveats is via channel ID... -
@bascule Correct. Macaroons doesn't solve the problem space Channel ID tries to; it punts the problem, but encapsulates the capability
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.