Re: [jose] OAUTH and implicit key identifiers

Mike Jones <Michael.Jones@microsoft.com> Fri, 19 April 2013 01:56 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: Jim Schaad <ietf@augustcellars.com>
Date: Fri, 19 Apr 2013 01:56:12 +0000
Cc: "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] OAUTH and implicit key identifiers

In http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-09, see the definition of "jwks_uri", which enables the client's JWK Set document to be communicated to the OAuth server out of band from the JWTs (and JOSE objects underlying them) later used.  Also see "token_endpoint_auth_method" and especially the "client_secret_jwt" and "private_key_jwt" authentication methods.

                                                                -- Mike

From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Jim Schaad
Sent: Thursday, April 18, 2013 2:49 PM
To: Mike Jones
Cc: jose@ietf.org
Subject: [jose] OAUTH and implicit key identifiers

Mike,

I have tried to go through the OAuth documents in order to find where and how they have implicit key identifiers set up for tokens.   I was unable to find this.  Can you please give me a concrete pointer to where this text is?

Jim
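
Added example, not part of either message and not code from the drafts: a minimal sketch of what an implicit key identifier means for the "client_secret_jwt" method Mike points to. The server selects the verification key from the client's registration record, and nothing in the JWT header names a key. The registry layout, the use of "iss" as the client identifier, and HS256 are assumptions; "aud", "exp" and replay checks are left out to keep the focus on key selection.

```python
import base64, hashlib, hmac, json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

# Constructed registration store (assumption): the key material is bound to the
# client_id when the client registers, out of band from any later JWT.
REGISTERED_CLIENTS = {
    "client-a": {"token_endpoint_auth_method": "client_secret_jwt",
                 "secret": b"constructed-secret-a"},
    "client-b": {"token_endpoint_auth_method": "client_secret_jwt",
                 "secret": b"constructed-secret-b"},
}

def sign(secret: bytes, signing_input: str) -> bytes:
    return hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()

def make_assertion(client_id: str, secret: bytes, extra_header=None) -> str:
    """Client side: HS256 JWT; by default the header names no key at all."""
    header = {"alg": "HS256", **(extra_header or {})}
    claims = {"iss": client_id, "sub": client_id}
    signing_input = ".".join(b64url(json.dumps(p).encode()) for p in (header, claims))
    return signing_input + "." + b64url(sign(secret, signing_input))

def verify_assertion(token: str) -> str:
    """Server side: return the authenticated client_id or raise ValueError."""
    try:
        header_b64, claims_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        claims = json.loads(b64url_decode(claims_b64))
        sig = b64url_decode(sig_b64)
    except Exception as exc:
        raise ValueError("malformed assertion") from exc
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise ValueError("malformed assertion")
    if header.get("alg") != "HS256":  # pin the algorithm for this auth method
        raise ValueError("unexpected alg")
    issuer = claims.get("iss")
    # Implicit key identification: the key comes from the registration record
    # for the claimed client; header fields such as "kid" are never consulted.
    client = REGISTERED_CLIENTS.get(issuer) if isinstance(issuer, str) else None
    if client is None or client["token_endpoint_auth_method"] != "client_secret_jwt":
        raise ValueError("unknown client or auth method")
    if not hmac.compare_digest(sig, sign(client["secret"], f"{header_b64}.{claims_b64}")):
        raise ValueError("bad signature")
    return issuer
```

Because the header is never used for key lookup, a "kid" supplied in the token cannot steer the server toward a different client's key.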