Re: [Jwt-reg-review] Request to register claims: "scope" , "at_use_nbr"

Brian Campbell <bcampbell@pingidentity.com> Wed, 22 May 2019 17:34 UTC

From: Brian Campbell <bcampbell@pingidentity.com>
Date: Wed, 22 May 2019 11:33:55 -0600
Message-ID: <CA+k3eCT2TbjRZP-SW3Sz80Oy_7CWMNy1oCQUtNUCfa1oz0p9nw@mail.gmail.com>
To: Miguel Angel Reina Ortega <MiguelAngel.ReinaOrtega@etsi.org>
Cc: "jwt-reg-review@ietf.org" <jwt-reg-review@ietf.org>, PNNS <PNNS@etsi.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/jwt-reg-review/7JWL2ZBR6JpGq4CpdW7_yYj9xPk>
Subject: Re: [Jwt-reg-review] Request to register claims: "scope" , "at_use_nbr"

Hi Miguel, see inline below

On Wed, May 22, 2019 at 9:49 AM Miguel Angel Reina Ortega <
MiguelAngel.ReinaOrtega@etsi.org> wrote:

> Dear Brian,
>
>
>
> I have a couple of questions. First, regarding the pointer to the
> specification. Actually, the specification is going to be approved this
> week and publicly available soon. I could provide a pointer that will not
> work for the time being but it will in a short time. Would that be fine? Or
> would it be better to provide a temp pointer that works right now but
> modify it later?
>

It's a bit of chicken and egg, isn't it? And I'm honestly not sure how
that's supposed to work. But I think that the latter - a pointer to a draft
but soonish to be approved spec - would be appropriate for the review
request. And the final pointer can be given to IANA for the registration
request.


>
>
> The second question is regarding the “scope” claim: the reason why it was
> requested is that it does not appear in the JSON Web Token registry page.
> Is that just a mistake or is there a reason why it is not there?
>

The “scope” claim does not yet appear in the JSON Web token registry page
but it should show up there (relatively) soon. The request has been made
already
https://mailarchive.ietf.org/arch/msg/jwt-reg-review/VXiedtm3lP0IfyEsVKkg92-I6TA


>
>
> Please, your advice will be very much appreciated.
>
>
>
> Best regards.
>
>
>
>
> -----------------------------------------------------------------------------------------------------------------
>
> *Miguel Angel Reina Ortega **–* Testing Expert
>
> Centre for Testing and Interoperability (CTI)
>
> *ETSI* ● www.etsi.org*miguelangel.reinaortega@etsi.org
> <miguelangel.reinaortega@etsi.org>*
>
> Phone: +33 (0)4 92 94 43 49 ● Mobile: +33 (0)6 76 73 60 99
>
>
>
> This email may contain confidential information and is intended for
>
> the use of the addressee only. Any unauthorized use may be unlawful.
>
> If you receive this email by mistake, please advise the sender
>
> immediately by using the reply facility in your email software.
>
> Thank you for your co-operation.
>
>
>
> *From:* Miguel Angel Reina Ortega
> *Sent:* 22 May 2019 00:26
> *To:* 'Brian Campbell' <bcampbell@pingidentity.com>
> *Cc:* 'jwt-reg-review@ietf.org' <jwt-reg-review@ietf.org>; PNNS <
> PNNS@etsi.org>
> *Subject:* RE: [Jwt-reg-review] Request to register claims: "scope" ,
> "at_use_nbr"
>
>
>
> Dear Brian,
>
>
>
> Thanks for your prompt response.
>
>
>
> Indeed, you’re right, a Word document attached in an email is not
> sufficient. I sent it in that way for your review and confirmation before
> approving the document at ISG level (a bit of a chicken-and-egg problem).
>
>
>
> I take note of your feedback on the “scope” claim, will bring that feedback
> to the ISG and, if required as you said, I will make a new updated request
> which includes a pointer to the spec.
>
>
>
> Best regards.
>
> *From:* Brian Campbell <bcampbell@pingidentity.com>
> *Sent:* 21 May 2019 20:50
> *To:* Miguel Angel Reina Ortega <MiguelAngel.ReinaOrtega@etsi.org>
> *Cc:* jwt-reg-review@ietf.org; PNNS <PNNS@etsi.org>
> *Subject:* Re: [Jwt-reg-review] Request to register claims: "scope" ,
> "at_use_nbr"
>
>
>
> Hello Miguel,
>
>
>
> RFC 7519 says that values for the JSON Web Token Claims Registry
> <https://tools.ietf.org/html/rfc7519#section-10.1> are registered on a
> Specification Required basis. RFC 5226 says that Specification Required
> <https://tools.ietf.org/html/rfc5226#section-4.1> means that the values
> and their meanings must be documented in a permanent and readily available
> public specification. I do not believe a Microsoft Word document as an
> email attachment is sufficient in that regard. This registration review
> request will need to be made again with a straightforward pointer to such a
> permanent and readily available public specification that defines the
> claim.
>
>
>
> Also note that the 'scope' claim is being defined in Section 4.2 of OAuth
> 2.0 Token Exchange
> <https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16#section-4.2>
> with effectively the same meaning.  Registration has already been requested
> from/by that document so isn't necessary from the ETSI GS NFV-SEC 022
> perspective.
>
>
>
> Thanks,
>
> Brian Campbell
>
> One of the (so called) Designated Experts for the JWT Claims Registry
>
>
>
>
>
> On Mon, May 20, 2019 at 11:35 AM Miguel Angel Reina Ortega <
> MiguelAngel.ReinaOrtega@etsi.org> wrote:
>
> Dear,
>
> On behalf of ETSI NFV ISG, I would like to submit the following
> registration requests for the “JSON Web Token” registry:
>
>
>
>    - Claim Name: “scope”
>
>
>    - Claim Description: space-separated list of scope of operation values
>    for which the access token is valid.
>    - Change Controller: ETSI (pnns@etsi.org)
>
>
>    - Specification Document(s): Clause 5.5
>    <https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims>
>    of the present ETSI GS NFV-SEC 022
>    <https://portal.etsi.org/webapp/WorkProgram/Report_WorkItem.asp?WKI_ID=54060>
>    (attached)
>
>
>
>    - Claim Name: “at_use_nbr”
>    - Claim Description: Number of API requests for which the access token
>    can be used.
>    - Change Controller: ETSI (pnns@etsi.org)
>
>
>    - Specification Document(s): Clause 5.5
>    <https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims>
>    of the present ETSI GS NFV-SEC 022
>    <https://portal.etsi.org/webapp/WorkProgram/Report_WorkItem.asp?WKI_ID=54060>
>    (attached)
>
>
>
> Best regards.
>
