Progress update

434 views
Skip to first unread message

Eran Hammer

unread,
Jan 14, 2013, 4:25:47 AM1/14/13
to oz-pr...@googlegroups.com

First a heads up. I’m getting close to a usable README for Oz, at which point, I plan to close this mailing list and move all further discussions to use Github issues. I’ll let you know when this happens.

 

Second, I’ve been making good progress on some building blocks that will be used by Oz:

 

Hawk – an hamc-based HTTP authentication scheme. Similar to what is known as “two-leggest OAuth 1.0” but much simpler and more powerful. This will be the underlying authentication used by Oz.

 

https://github.com/hueniverse/hawk

 

Iron – an object encryption protocol with integrity verification. Oz will use Iron to encrypt its tickets used to maintain state and access properties.

 

https://github.com/hueniverse/iron

 

Both projects are small, have useful READMEs, and are ready to be used (but not fully stable yet).

 

EH

Coenraad Loubser

unread,
Feb 9, 2013, 4:10:11 AM2/9/13
to oz-pr...@googlegroups.com
Looking good! Thanks for the updates for those of us who are less active!

Eran Hammer

unread,
Mar 24, 2013, 10:46:00 PM3/24/13
to algermissen1971, oz-pr...@googlegroups.com
They will use the same scheme name. The server cannot run both Oz and standard Hawk on the same endpoint without some way in the id structure to know which is being used.

I don't see this as a problem.

EH
________________________________________
From: algermissen1971 [algermi...@me.com]
Sent: Tuesday, March 19, 2013 2:41 PM
To: Eran Hammer
Cc: oz-pr...@googlegroups.com
Subject: Re: Progress update

On 14.01.2013, at 10:25, Eran Hammer <er...@hueniverse.com> wrote:

> Hawk – an hamc-based HTTP authentication scheme. Similar to what is known as “two-leggest OAuth 1.0” but much simpler and more powerful. This will be the underlying authentication used by Oz.

Does it make sense to say that Oz will use the same Authentication method (algorithm) as Hawk, but that Oz will still need to use its own Authentication scheme name ('Oz' as used in the nodejs source code) because to Hawk the authentication id parameter is opaque but in Oz it contains the ticket?

IOW, the only way for the server to know it can actually parse the id to decrypt the ticket is to look at the Auth scheme name?

Jan

Eugen Tudorancea

unread,
Apr 5, 2013, 10:32:00 AM4/5/13
to oz-pr...@googlegroups.com, algermissen1971
How is the progress of readme/specs going? I've read on twitter that you've updated to the streams2 API which is great.

I see that you don't have much support from the community, but, speaking for myself, I'm kinda counting on your efforts, cause my level of understanding of what needs to be changed and how is very low.


Thank you for your efforts so far :)

Eran Hammer

unread,
Apr 5, 2013, 1:10:17 PM4/5/13
to Eugen Tudorancea, oz-pr...@googlegroups.com, algermissen1971

Been buried in hapi work. Good news is that Hawk is not pretty much done. I hope to get to Oz over the next two weeks and get it stable.

 

EH

--
You received this message because you are subscribed to the Google Groups "oz-protocol" group.
To unsubscribe from this group and stop receiving emails from it, send an email to oz-protocol...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

Reply all
Reply to author
Forward
0 new messages