[Ace] Parameter abbreviation number ranges for draft-ietf-ace-oauth-authz
Ludwig Seitz <ludwig.seitz@ri.se> Mon, 27 August 2018 07:52 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/cX-DjWxSC4PehY0bEmbaNeeT2pI>
Hello group,

at IETF 102 there was a discussion about the numerical abbreviations we introduced for both OAuth parameter names and access token claim names.

I have generated a proposal that makes better use of the number space, but I'd like the OAuth specialists to have a look at it and see if I pushed any important (= frequently used) OAuth parameter into the two byte number range.

Background: CBOR integers have a very compact representation (1 byte) for numbers from 0-23, from 24-255 (which is all we will ever need ;-) ) they use 2 bytes. Thus we'd like to use abbreviations in the first number range for parameters/claims that are frequently used.

My proposal follows below, please feel free to comment.

/Ludwig

================================================================================

Existing claim name abbreviations from RFC 8392 (CWT):

iss 1
sub 2
aud 3
exp 4
nbf 5
iat 6
cti 7

New claim name abbreviation introduced by draft-ietf-ace-cwt-proof-of-possession:

cnf 8

New claims introduced by draft-ietf-ace-oauth-authz (with proposed abbreviations):

scope 9
profile 10
rs_cnf 11

Token endpoint parameters from RFC 6749 (OAuth 2.0) (with proposed abbreviations):

scope 9
error 12
grant_type 13
access_token 14
token_type 15
client_id 24
client_secret 25
response_type 26
state 27
redirect_uri 28
error_description 29
error_uri 30
code 31
expires_in 32
username 33
password 34
refresh_token 35

New token endpoint parameters introduced by draft-ietf-ace-oauth-authz (with proposed abbreviations):

req_aud 16
req_cnf 17
used_cnf 18
rs_cnf 19

(Note that req_* and used_cnf are not yet in the draft, but we came to the conclusion we will need them after the OAuth session at IETF 102. They will be in the next update)

Introspection endpoint parameters from RFC (OAuth 2.0 introspection) (with proposed abbreviations):

iss 1
sub 2
aud 3
exp 4
iat 6
nbf 5
scope 9
token_type 15
active 20
client_id 24
username 33
jti (no abbreviation, we have cti)

New introspection endpoint parameters introduced by draft-ietf-ace-oauth-authz:

cnf 8
rs_cnf 19
profile 10

--
Ludwig Seitz, PhD
Security Lab, RISE SICS
Phone +46(0)70-349 92 51
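
Added example (not part of Ludwig Seitz's message or of draft-ietf-ace-oauth-authz): a minimal Python encoder for the CBOR subset involved, used to measure the one-byte versus two-byte key cost described in the Background paragraph for the proposed token endpoint abbreviations. The helper names and the sample response values are constructed for illustration.

```python
import struct

def head(major: int, arg: int) -> bytes:
    """CBOR initial byte (3-bit major type, 5-bit info) plus any argument bytes."""
    if arg < 24:                        # argument fits in the initial byte
        return bytes([major << 5 | arg])
    for info, fmt, limit in ((24, ">B", 1 << 8), (25, ">H", 1 << 16),
                             (26, ">I", 1 << 32), (27, ">Q", 1 << 64)):
        if arg < limit:
            return bytes([major << 5 | info]) + struct.pack(fmt, arg)
    raise ValueError("argument does not fit in 64 bits")

def encode(obj) -> bytes:
    """Encode the subset used here: unsigned ints, text strings, maps."""
    if isinstance(obj, int) and not isinstance(obj, bool) and obj >= 0:
        return head(0, obj)
    if isinstance(obj, str):
        raw = obj.encode("utf-8")
        return head(3, len(raw)) + raw
    if isinstance(obj, dict):
        return head(5, len(obj)) + b"".join(
            encode(k) + encode(v) for k, v in obj.items())
    raise TypeError(f"unsupported type: {type(obj).__name__}")

# Token endpoint abbreviations exactly as proposed in the message above.
ABBREV = {
    "scope": 9, "error": 12, "grant_type": 13, "access_token": 14,
    "token_type": 15, "req_aud": 16, "req_cnf": 17, "used_cnf": 18,
    "rs_cnf": 19, "client_id": 24, "client_secret": 25, "response_type": 26,
    "state": 27, "redirect_uri": 28, "error_description": 29, "error_uri": 30,
    "code": 31, "expires_in": 32, "username": 33, "password": 34,
    "refresh_token": 35,
}

def abbreviate(params: dict) -> dict:
    """Replace parameter names with their proposed integer abbreviations."""
    return {ABBREV[name]: value for name, value in params.items()}

def two_byte_names() -> list:
    """Names whose abbreviation costs two bytes as a CBOR map key."""
    return [n for n, k in ABBREV.items() if len(encode(k)) == 2]

# Constructed sample response; the values are made up for illustration.
SAMPLE = {"access_token": "constructed-token", "token_type": "pop",
          "expires_in": 3600, "scope": "r_temp"}

if __name__ == "__main__":
    print(len(encode(SAMPLE)), "bytes with text names")
    print(len(encode(abbreviate(SAMPLE))), "bytes with abbreviations")
    print("two-byte keys:", two_byte_names())
```

In the constructed response, expires_in is the only key that lands in the two-byte range under this proposal.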