Re: [Jwt-reg-review] Request to register claim: "at_use_nbr"

Miguel Angel Reina Ortega <MiguelAngel.ReinaOrtega@etsi.org> Tue, 18 June 2019 11:53 UTC

Return-Path: <MiguelAngel.ReinaOrtega@etsi.org>
X-Original-To: jwt-reg-review@ietfa.amsl.com
Delivered-To: jwt-reg-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12D20120131 for <jwt-reg-review@ietfa.amsl.com>; Tue, 18 Jun 2019 04:53:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.288
X-Spam-Level:
X-Spam-Status: No, score=-4.288 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=etsi.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UYOT0kB3-VQV for <jwt-reg-review@ietfa.amsl.com>; Tue, 18 Jun 2019 04:53:36 -0700 (PDT)
Received: from relay.etsi.org (relay.etsi.org [195.238.226.209]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A18AC120075 for <jwt-reg-review@ietf.org>; Tue, 18 Jun 2019 04:53:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=1524829736.etsi; d=etsi.org; h=From:To:CC:Subject:Date:Message-ID:References:In-Reply-To:Content-Type: MIME-Version; i=MiguelAngel.ReinaOrtega@etsi.org; bh=lfCk/zFEy8z+ZmGenXDDCvNR1hhdU9v0S3SN05dyw8g=; b=ZyxHY7ouJ3hucantx8rVDMBdvz+mh4D78lnaF2LYkakfm5xEEOzLaIcnZFRCVXR4b/JvGSyNdgwT SWjhorMX9wQhO7Zc5Fmsikuat7tx3yzmRbZ8cmklE4DGmmX1+2j5O+RIfhJb4OBBM50zfOeVmBsp 4zw3xDlub7x8sSpPbx4=
Received: from outbound.etsi.org (172.27.1.75) by relay.etsi.org id h138c02gvlc3 for <jwt-reg-review@ietf.org>; Tue, 18 Jun 2019 12:53:32 +0100 (envelope-from <MiguelAngel.ReinaOrtega@etsi.org>)
Received: from XMAIL.etsihq.org (172.27.1.75) by xMail.etsihq.org (172.27.1.75) with Microsoft SMTP Server (TLS) id 15.0.1236.3; Tue, 18 Jun 2019 13:53:32 +0200
Received: from XMAIL.etsihq.org ([172.27.1.75]) by xMail.etsihq.org ([172.27.1.75]) with mapi id 15.00.1236.000; Tue, 18 Jun 2019 13:53:32 +0200
From: Miguel Angel Reina Ortega <MiguelAngel.ReinaOrtega@etsi.org>
To: Mike Jones <Michael.Jones@microsoft.com>, Brian Campbell <bcampbell@pingidentity.com>
CC: PNNS <PNNS@etsi.org>, "jwt-reg-review@ietf.org" <jwt-reg-review@ietf.org>
Thread-Topic: [Jwt-reg-review] Request to register claim: "at_use_nbr"
Thread-Index: AdUUPCk35WRFbawXQP2CfNV5KeT+3QB81EuAAYenrcACMEbSgAAoNKsAAAcLn7A=
Date: Tue, 18 Jun 2019 11:53:32 +0000
Message-ID: <2c0b0a98ed534dd7885ecfc19728e9f1@xMail.etsihq.org>
References: <7ddd8b990a544ac195b711f66bbebdba@xMail.etsihq.org> <CA+k3eCTppz+9cnbO4TUi40SPn5AJwS5TX-pfL9+x=fLN2F0-=g@mail.gmail.com> <58db505570754ef4abcc30cec50c8e43@xMail.etsihq.org> <2f55588ea3bb4bbbb66990f7ad84cdc0@xMail.etsihq.org> <BL0PR00MB02928379309A9DF0B9D80A62F5EA0@BL0PR00MB0292.namprd00.prod.outlook.com>
In-Reply-To: <BL0PR00MB02928379309A9DF0B9D80A62F5EA0@BL0PR00MB0292.namprd00.prod.outlook.com>
Accept-Language: en-US, en-GB
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.7.2.65]
Content-Type: multipart/alternative; boundary="_000_2c0b0a98ed534dd7885ecfc19728e9f1xMailetsihqorg_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/jwt-reg-review/FVrUtnR22OpI9PGMRHOfR6Kfj-w>
Subject: Re: [Jwt-reg-review] Request to register claim: "at_use_nbr"
X-BeenThere: jwt-reg-review@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Expert review of proposed IANA registrations for JSON Web Token \(JWT\) claims." <jwt-reg-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jwt-reg-review/>
List-Post: <mailto:jwt-reg-review@ietf.org>
List-Help: <mailto:jwt-reg-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Jun 2019 11:53:40 -0000

Dear Mike,

Yes, it is still the correct doc link. I did not have any problem opening any of the documents.

Should I send it attached to an email for you?

Best regards.

-----------------------------------------------------------------------------------------------------------------
Miguel Angel Reina Ortega – Testing Expert
Centre for Testing and Interoperability (CTI)
ETSI ● www.etsi.org<http://www.etsi.org/> ● miguelangel.reinaortega@etsi.org<mailto:miguelangel.reinaortega@etsi.org>
Phone: +33 (0)4 92 94 43 49 ● Mobile: +33 (0)6 76 73 60 99

This email may contain confidential information and is intended for
the use of the addressee only. Any unauthorized use may be unlawful.
If you receive this email by mistake, please advise the sender
immediately by using the reply facility in your email software.
Thank you for your co-operation.

From: Mike Jones <Michael.Jones@microsoft.com>;
Sent: 18 June 2019 12:30
To: Miguel Angel Reina Ortega <MiguelAngel.ReinaOrtega@etsi.org>;; Brian Campbell <bcampbell@pingidentity.com>;
Cc: PNNS <PNNS@etsi.org>;; jwt-reg-review@ietf.org
Subject: RE: [Jwt-reg-review] Request to register claim: "at_use_nbr"

I just tried opening the docs inside the .zip file https://docbox.etsi.org/ISG/NFV/Open/Drafts/SEC022_API_Access_Token_Spec/NFV-SEC022v010.zip to review the request and there were problems opening both of them.  Is this still the correct doc link?

                                           -- Mike

From: Jwt-reg-review <jwt-reg-review-bounces@ietf.org<mailto:jwt-reg-review-bounces@ietf.org>> On Behalf Of Miguel Angel Reina Ortega
Sent: Monday, June 17, 2019 6:21 AM
To: Brian Campbell <bcampbell@pingidentity.com<mailto:bcampbell@pingidentity.com>>
Cc: PNNS <PNNS@etsi.org<mailto:PNNS@etsi.org>>; jwt-reg-review@ietf.org<mailto:jwt-reg-review@ietf.org>
Subject: Re: [Jwt-reg-review] Request to register claim: "at_use_nbr"

Dear Brian,

I still don’t see the requested claim appearing on the registry. Is there anything that needs to be done on my side?

Thanks in advance.

Best regards.

From: Miguel Angel Reina Ortega
Sent: 06 June 2019 11:59
To: Brian Campbell <bcampbell@pingidentity.com<mailto:bcampbell@pingidentity.com>>
Cc: jwt-reg-review@ietf.org<mailto:jwt-reg-review@ietf.org>; PNNS <PNNS@etsi.org<mailto:PNNS@etsi.org>>
Subject: RE: [Jwt-reg-review] Request to register claim: "at_use_nbr"

Dear Brian,

Thanks for the comments. The “scope” claim will be removed from there.

On the other hand, I don’t see any of those links you mention, just the following: http://openid.net/specs/openid-connect-core-1_0.html#IDToken<https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fopenid.net%2Fspecs%2Fopenid-connect-core-1_0.html%23IDToken&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489158368&sdata=iV%2BVep69GMjlccLP%2BeBHgP5ccup5v%2BBv19nxjxqT7ys%3D&reserved=0>;. which seems correct to me.

Best regards.

From: Brian Campbell <bcampbell@pingidentity.com<mailto:bcampbell@pingidentity.com>>
Sent: 29 May 2019 19:02
To: Miguel Angel Reina Ortega <MiguelAngel.ReinaOrtega@etsi.org<mailto:MiguelAngel.ReinaOrtega@etsi.org>>
Cc: jwt-reg-review@ietf.org<mailto:jwt-reg-review@ietf.org>; PNNS <PNNS@etsi.org<mailto:PNNS@etsi.org>>
Subject: Re: [Jwt-reg-review] Request to register claim: "at_use_nbr"

In general I think that the “at_use_nbr” claim can be registered given how it is described in the NFV_SEC022v0-1-0-cb.docx file inside the zip file at the https://docbox.etsi.org/ISG/NFV/Open/Drafts/SEC022_API_Access_Token_Spec/NFV-SEC022v010.zip<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocbox.etsi.org%2FISG%2FNFV%2FOpen%2FDrafts%2FSEC022_API_Access_Token_Spec%2FNFV-SEC022v010.zip&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489158368&sdata=OxiFVAz8tEMPiuXJuP7NGP5eViDIXtvCYiOiSM3vwTc%3D&reserved=0> link provided.

However, there are also links there to https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fopenid.net%2Fspecs%2Fopenid-connect-core-1_0.html%23StandardClaims&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489168378&sdata=rkdtD0ROF5FDv%2FJPzp4u3%2FOQQReqwe0ZHTApOsOpIMY%3D&reserved=0> and https://portal.etsi.org/webapp/WorkProgram/Report_WorkItem.asp?WKI_ID=54060<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fportal.etsi.org%2Fwebapp%2FWorkProgram%2FReport_WorkItem.asp%3FWKI_ID%3D54060&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489168378&sdata=cw24KGV4xkPtSMJRWE2ArrYH%2BFSycuZ3lkfVDDl1BCc%3D&reserved=0> which are confusing and/or don't seem right.

Also the NFV_SEC022v0-1-0-cb.docx document also still has "scope" in the JSON Web Token Claims registry which needs to be removed. Because ultimately I think IANA works off of the specification document itself.



On Sun, May 26, 2019 at 9:36 PM Miguel Angel Reina Ortega <MiguelAngel.ReinaOrtega@etsi.org<mailto:MiguelAngel.ReinaOrtega@etsi.org>> wrote:
Dear,
On behalf of ETSI NFV ISG, I would like to submit the following registration request for the “JSON Web Token” registry:

  *   Claim Name: “at_use_nbr”
  *   Claim Description: Number of API requests for which the access token can be used.
  *   Change Controller: ETSI (pnns@etsi.org<mailto:pnns@etsi.org>)
  *   Specification Document(s): Clause 5.5<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fopenid.net%2Fspecs%2Fopenid-connect-core-1_0.html%23StandardClaims&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489178387&sdata=9%2Fy%2FSKs7TJYLmfUQgE7H%2BMK9G1p%2Fu0qWeJg6bQnNN6c%3D&reserved=0> of the present ETSI GS NFV-SEC 022<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fportal.etsi.org%2Fwebapp%2FWorkProgram%2FReport_WorkItem.asp%3FWKI_ID%3D54060&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489178387&sdata=XEsYxG0MJx8yWKnU4HCfabwa4t11i7HoCpQzhQq%2BNCc%3D&reserved=0> (https://docbox.etsi.org/ISG/NFV/Open/Drafts/SEC022_API_Access_Token_Spec/NFV-SEC022v010.zip<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocbox.etsi.org%2FISG%2FNFV%2FOpen%2FDrafts%2FSEC022_API_Access_Token_Spec%2FNFV-SEC022v010.zip&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489188392&sdata=dELZ0uXS89HAeu2go5ogOqERu8n%2BMC8kfgvu5%2BWKQuA%3D&reserved=0>;)
Please, note that once the specification is approved, the pointer to the specification will be updated.

Best regards.

-----------------------------------------------------------------------------------------------------------------
Miguel Angel Reina Ortega – Testing Expert
Centre for Testing and Interoperability (CTI)
ETSI ● www.etsi.org<https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.etsi.org%2F&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489198397&sdata=lKldrk7WxSDXYBwvrcU7yyRHyfsm0d7YPhkRtAj1YSo%3D&reserved=0> ● miguelangel.reinaortega@etsi.org<mailto:miguelangel.reinaortega@etsi.org>
Phone: +33 (0)4 92 94 43 49 ● Mobile: +33 (0)6 76 73 60 99

This email may contain confidential information and is intended for
the use of the addressee only. Any unauthorized use may be unlawful.
If you receive this email by mistake, please advise the sender
immediately by using the reply facility in your email software.
Thank you for your co-operation.

_______________________________________________
Jwt-reg-review mailing list
Jwt-reg-review@ietf.org<mailto:Jwt-reg-review@ietf.org>
https://www.ietf.org/mailman/listinfo/jwt-reg-review<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fjwt-reg-review&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489198397&sdata=aMj1EWMEjkYfN5%2BoUUV16L5au4ad%2BiCqYnVkQlZ8sLk%3D&reserved=0>

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.