Re: [Jwt-reg-review] Request to Register JWT Confirmation Method: x5t#S256

Brian Campbell <bcampbell@pingidentity.com> Thu, 15 August 2019 20:19 UTC

Return-Path: <bcampbell@pingidentity.com>
X-Original-To: jwt-reg-review@ietfa.amsl.com
Delivered-To: jwt-reg-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7962612007C for <jwt-reg-review@ietfa.amsl.com>; Thu, 15 Aug 2019 13:19:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pingidentity.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q7ujcmfYvglT for <jwt-reg-review@ietfa.amsl.com>; Thu, 15 Aug 2019 13:19:29 -0700 (PDT)
Received: from mail-io1-xd34.google.com (mail-io1-xd34.google.com [IPv6:2607:f8b0:4864:20::d34]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BA45D120071 for <jwt-reg-review@ietf.org>; Thu, 15 Aug 2019 13:19:29 -0700 (PDT)
Received: by mail-io1-xd34.google.com with SMTP id s21so1749839ioa.1 for <jwt-reg-review@ietf.org>; Thu, 15 Aug 2019 13:19:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=gmail; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=hFE1s5G+ZrPMmmpZnHATbtCh9M5xMO1GkXEFv1hZsng=; b=VwziCep0LZVPWgFEprui7Sg1VO/i6IcpdfSuhX8Ff6zEQHja04vIYayf4g4nk1AJ8U 9CINqva3V4dRHtV4yZr9S3piR//RSbZvEm8sjP2xzLrQ5Z2hqZKsKw/yD1hEGKHx8sxR AleyKOJxJkmGtsyQ1zJm+95oczKQ8JVWQ11Po=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=hFE1s5G+ZrPMmmpZnHATbtCh9M5xMO1GkXEFv1hZsng=; b=ADgbQqFvpFRAfXK0m8LvsOD4wfOOnArMi0SD6lShD73Di0jVhyiVYGbN+eNGvJskqQ 2h9BdonhBRyD88LHdy7RqrvNen/gcqCOWwejRXPQcl0apd8dU+n2KbTVDBJqBIr6gQAl 2SZ4+/N/QLmGycyM548ByVF36ZHkO4Mj91qIWL06oLImxcf8H30bg3b7M0yewDrirtlX W1+rgiYp2JBPgJ42EFn4wtmqUPwOmyIjvo6AIhfkh3NoFO+Bh0oFDyqGUgO/FQ+RDu7x pu6mfujiHxyTTgM4gK/pPliE773Idrxep0w/Mg48WnffS+9d2clpHE40AWcNiVjtww3C GgRQ==
X-Gm-Message-State: APjAAAWncsMVrAf+Gh4TW+QVxl2w9hXW6oOfmPgvY/CeqFvIrAauvi5Y CCpaXz+hzXsHUAZLb6ka8ApLW+Tbhu0tL0L+bwekps/86M+t2owqlTDZH8qBSRURgITrNdsWK6d sSa6saT2twthQrw/rVGf5sKuwoIIG
X-Google-Smtp-Source: APXvYqwqGf7kT6kBpzyz5YnNBk5TgINbHAJE+eHwa2+0ja6yTFOnRgx+A4s28rITGSzsoySqf1iju6g8g8wrvOr0ZS4=
X-Received: by 2002:a02:9644:: with SMTP id c62mr6978898jai.45.1565900368624; Thu, 15 Aug 2019 13:19:28 -0700 (PDT)
MIME-Version: 1.0
References: <CA+k3eCSqqCuftgZuNJm5bevWni8p4XS3u0Ou2vO=JA2QuxJ_HQ@mail.gmail.com>
In-Reply-To: <CA+k3eCSqqCuftgZuNJm5bevWni8p4XS3u0Ou2vO=JA2QuxJ_HQ@mail.gmail.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Thu, 15 Aug 2019 14:19:02 -0600
Message-ID: <CA+k3eCQNf0xbDPcD-6pimwkK=-maa+Vn6UGPxpsu5z9Nnt3zcg@mail.gmail.com>
To: jwt-reg-review@ietf.org, Hannes Tschofenig <Hannes.Tschofenig@arm.com>, John Bradley <ve7jtb@ve7jtb.com>
Content-Type: multipart/alternative; boundary="00000000000039d77805902d979a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/jwt-reg-review/EShRPGAdV1BxwNo2JiHA_OOJdyk>
Subject: Re: [Jwt-reg-review] Request to Register JWT Confirmation Method: x5t#S256
X-BeenThere: jwt-reg-review@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Expert review of proposed IANA registrations for JSON Web Token \(JWT\) claims." <jwt-reg-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jwt-reg-review/>
List-Post: <mailto:jwt-reg-review@ietf.org>
List-Help: <mailto:jwt-reg-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Aug 2019 20:19:33 -0000

Looking at
https://www.iana.org/assignments/jwt/jwt.xhtml#confirmation-methods I see
the DEs for the Confirmation Methods are John Bradley and Hannes
Tschofenig. John is a co-author of the document in question so his approval
is implied but also could be perceived as creating a conflict of interest.
So per https://tools.ietf.org/html/rfc7800#section-6 I think that means
that this should be "defer[ed] to the judgment of the other Experts". The
other experts are Hannes. Hannes co-chairs the WG that the document came
out of so I'd hope and expect that he'd approve of the registration too.
But I'll request that he respond in the affirmative to this message just
for procedural sake.







On Tue, Aug 13, 2019 at 12:16 PM Brian Campbell <bcampbell@pingidentity.com>;
wrote:

> Please review the registration request for the "x5t#S256" JWT confirmation
> method found in section 9.1 of draft-ietf-oauth-mtls at
> https://tools.ietf.org/html/draft-ietf-oauth-mtls-16#section-9.1
>
> Thank you,
> Brian Campbell - draft-ietf-oauth-mtls co-author
>

-- 
_CONFIDENTIALITY NOTICE: This email may contain confidential and privileged 
material for the sole use of the intended recipient(s). Any review, use, 
distribution or disclosure by others is strictly prohibited.  If you have 
received this communication in error, please notify the sender immediately 
by e-mail and delete the message and any file attachments from your 
computer. Thank you._