Re: [Jwt-reg-review] Request to register claims: "scope" , "at_use_nbr"

Brian Campbell <bcampbell@pingidentity.com> Tue, 21 May 2019 18:50 UTC

References: <52951ff3f45146a284bc3401f2260915@xMail.etsihq.org>
In-Reply-To: <52951ff3f45146a284bc3401f2260915@xMail.etsihq.org>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Tue, 21 May 2019 12:49:53 -0600
Message-ID: <CA+k3eCQEB9LZKKTt-bKOaAXLGLtgDWPkXUBhd2KkiYF+gE8WYg@mail.gmail.com>
To: Miguel Angel Reina Ortega <MiguelAngel.ReinaOrtega@etsi.org>
Cc: "jwt-reg-review@ietf.org" <jwt-reg-review@ietf.org>, PNNS <PNNS@etsi.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/jwt-reg-review/MWoHFKH5CrZFJ6cYnPfLAv5ufzg>

Hello Miguel,

RFC 7519 says that values for the JSON Web Token Claims Registry
<https://tools.ietf.org/html/rfc7519#section-10.1> are registered on a
Specification Required basis. RFC 5226 says that Specification Required
<https://tools.ietf.org/html/rfc5226#section-4.1> means that the values and
their meanings must be documented in a permanent and readily available
public specification. I do not believe a Microsoft Word document as an
email attachment is sufficient in that regard. This registration review
request will need to be made again with a straightforward pointer to such a
permanent and readily available public specification that defines the
claim.

Also note that the 'scope' claim is being defined in Section 4.2 of OAuth
2.0 Token Exchange
<https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16#section-4.2>
with effectively the same meaning.  Registration has already been requested
from/by that document so isn't necessary from the ETSI GS NFV-SEC 022
perspective.

Thanks,
Brian Campbell
One of the (so called) Designated Experts for the JWT Claims Registry


On Mon, May 20, 2019 at 11:35 AM Miguel Angel Reina Ortega <
MiguelAngel.ReinaOrtega@etsi.org> wrote:

> Dear,
>
> On behalf of ETSI NFV ISG, I would like to submit the following
> registration requests for the “JSON Web Token” registry:
>
>    - Claim Name: “scope”
>    - Claim Description: space-separated list of scope of operation values
>    for which the access token is valid.
>    - Change Controller: ETSI (pnns@etsi.org)
>    - Specification Document(s): Clause 5.5
>    <https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims>
>    of the present ETSI GS NFV-SEC 022
>    <https://portal.etsi.org/webapp/WorkProgram/Report_WorkItem.asp?WKI_ID=54060>
>    (attached)
>
>    - Claim Name: “at_use_nbr”
>    - Claim Description: Number of API requests for which the access token
>    can be used.
>    - Change Controller: ETSI (pnns@etsi.org)
>    - Specification Document(s): Clause 5.5
>    <https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims>
>    of the present ETSI GS NFV-SEC 022
>    <https://portal.etsi.org/webapp/WorkProgram/Report_WorkItem.asp?WKI_ID=54060>
>    (attached)
>
> Best regards.
>
> *Miguel Angel Reina Ortega* – Testing Expert
> Centre for Testing and Interoperability (CTI)
> *ETSI* ● www.etsi.org <miguelangel.reinaortega@etsi.org>
> Phone: +33 (0)4 92 94 43 49 ● Mobile: +33 (0)6 76 73 60 99
>


-- 
Brian Campbell
Distinguished Engineer
bcampbell@pingidentity.com
w: +1 720.317.2061
c: +1 303.918.9415
