Re: [Jwt-reg-review] Request to register claim: "at_use_nbr"

Mike Jones <Michael.Jones@microsoft.com> Tue, 18 June 2019 10:30 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: jwt-reg-review@ietfa.amsl.com
Delivered-To: jwt-reg-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 32C9512012C for <jwt-reg-review@ietfa.amsl.com>; Tue, 18 Jun 2019 03:30:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I46X7EY6lS9D for <jwt-reg-review@ietfa.amsl.com>; Tue, 18 Jun 2019 03:30:11 -0700 (PDT)
Received: from NAM06-DM3-obe.outbound.protection.outlook.com (mail-dm3nam06on0729.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe56::729]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8BEFD1200B1 for <jwt-reg-review@ietf.org>; Tue, 18 Jun 2019 03:30:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mnao0Cy5qfJGnCvZTFugZx6AoW2zCKuhwoejtxeeB8M=; b=lg1zfeIx+0xk2tCDUHBrNtq/UjdfmkGlBvN186eQtTZFWk2KrS1nic075iCYPDb83NM+V0HyoJ1bIyRvHaNxtpA1GXHI3pPzVh37FFEE6zExmM00JLoAzpb24yBtkctGWzm0IfKaWUbcV5Dd6B5M/fzJAVUzca07L4Hlg1AioZQ=
Received: from BL0PR00MB0292.namprd00.prod.outlook.com (52.132.19.158) by BL0PR00MB0323.namprd00.prod.outlook.com (52.132.20.13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2044.0; Tue, 18 Jun 2019 10:30:05 +0000
Received: from BL0PR00MB0292.namprd00.prod.outlook.com ([fe80::42d:554e:1c2e:14b4]) by BL0PR00MB0292.namprd00.prod.outlook.com ([fe80::42d:554e:1c2e:14b4%7]) with mapi id 15.20.2042.000; Tue, 18 Jun 2019 10:30:05 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Miguel Angel Reina Ortega <MiguelAngel.ReinaOrtega@etsi.org>, Brian Campbell <bcampbell@pingidentity.com>
CC: PNNS <PNNS@etsi.org>, "jwt-reg-review@ietf.org" <jwt-reg-review@ietf.org>
Thread-Topic: [Jwt-reg-review] Request to register claim: "at_use_nbr"
Thread-Index: AdUUPCk35WRFbawXQP2CfNV5KeT+3QCBBS2AAYOK5AACMEI1gAAsTVDw
Date: Tue, 18 Jun 2019 10:30:04 +0000
Message-ID: <BL0PR00MB02928379309A9DF0B9D80A62F5EA0@BL0PR00MB0292.namprd00.prod.outlook.com>
References: <7ddd8b990a544ac195b711f66bbebdba@xMail.etsihq.org> <CA+k3eCTppz+9cnbO4TUi40SPn5AJwS5TX-pfL9+x=fLN2F0-=g@mail.gmail.com> <58db505570754ef4abcc30cec50c8e43@xMail.etsihq.org> <2f55588ea3bb4bbbb66990f7ad84cdc0@xMail.etsihq.org>
In-Reply-To: <2f55588ea3bb4bbbb66990f7ad84cdc0@xMail.etsihq.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=3adc1fc8-b0a7-4d82-9ad8-0000cbb42bc8; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=true; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=Internal; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2019-06-18T10:29:05-0800; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47;
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Michael.Jones@microsoft.com;
x-originating-ip: [109.105.115.249]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: f343ebd3-7a89-4710-aa8d-08d6f3d7eda6
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020); SRVR:BL0PR00MB0323;
x-ms-traffictypediagnostic: BL0PR00MB0323:
x-ms-exchange-purlcount: 6
x-microsoft-antispam-prvs: <BL0PR00MB032378DDACAF0BC9BC5B7962F5EA0@BL0PR00MB0323.namprd00.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:3044;
x-forefront-prvs: 007271867D
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(376002)(136003)(396003)(39860400002)(366004)(51874003)(51444003)(51914003)(189003)(199004)(6506007)(53546011)(966005)(14454004)(81156014)(7696005)(76176011)(8676002)(81166006)(606006)(72206003)(8990500004)(102836004)(8936002)(99286004)(73956011)(76116006)(14444005)(10290500003)(66446008)(64756008)(110136005)(66946007)(66476007)(66556008)(5024004)(256004)(66066001)(22452003)(478600001)(316002)(54906003)(5660300002)(86362001)(52536014)(6246003)(5070765005)(186003)(25786009)(71200400001)(26005)(486006)(71190400001)(476003)(4326008)(74316002)(11346002)(446003)(33656002)(53376002)(3846002)(6436002)(790700001)(6116002)(68736007)(55016002)(229853002)(2906002)(10090500001)(7736002)(54896002)(6306002)(53936002)(236005)(9686003); DIR:OUT; SFP:1102; SCL:1; SRVR:BL0PR00MB0323; H:BL0PR00MB0292.namprd00.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: n5WOPTs/WdN3+jgYP7yYpo8qVdQnyYrJRyWfgVEhDmD6VDVZUANuq23vLL/YUvNJZUgHhiC10pfja57BTTs4U4kSfCrP8GNvam3BZYtVAQXIwi4+Dv8ddDe6mkuvOxg6GrOZk8UWZhv48XFBg683HKRzgIVZIPGe/CEuhbSoqVJ1LN5rAQuI4jiGC5q+NIXWf1cUnVI4xwY/IwvV/3Xw2QlMtMKtd1x9eCTBmd+F8SoLcCo0DAvHpRtdLYx6vEajgw8D2p88+lacyWwXr/JxJQ1lkSW5JJcoCvvy6wetwyHDhmlrJ3J7l6KKhI4cd8GN6SiybZxNVnANGmiC8gHiUZjOdanSBgWWX539kOOoQLV+5yKG7Rreuk4p/XmEqqX51il0wMMWsMtDi84IB7KJTe6USui2oB3VVa4t9hN6cCk=
Content-Type: multipart/alternative; boundary="_000_BL0PR00MB02928379309A9DF0B9D80A62F5EA0BL0PR00MB0292namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: f343ebd3-7a89-4710-aa8d-08d6f3d7eda6
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Jun 2019 10:30:04.7566 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: mbj@microsoft.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR00MB0323
Archived-At: <https://mailarchive.ietf.org/arch/msg/jwt-reg-review/YvGHyHKUNGXMd09cr1q46wGXX8s>
Subject: Re: [Jwt-reg-review] Request to register claim: "at_use_nbr"
X-BeenThere: jwt-reg-review@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Expert review of proposed IANA registrations for JSON Web Token \(JWT\) claims." <jwt-reg-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jwt-reg-review/>
List-Post: <mailto:jwt-reg-review@ietf.org>
List-Help: <mailto:jwt-reg-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Jun 2019 10:30:16 -0000

I just tried opening the docs inside the .zip file https://docbox.etsi.org/ISG/NFV/Open/Drafts/SEC022_API_Access_Token_Spec/NFV-SEC022v010.zip to review the request and there were problems opening both of them.  Is this still the correct doc link?

                                           -- Mike

From: Jwt-reg-review <jwt-reg-review-bounces@ietf.org> On Behalf Of Miguel Angel Reina Ortega
Sent: Monday, June 17, 2019 6:21 AM
To: Brian Campbell <bcampbell@pingidentity.com>
Cc: PNNS <PNNS@etsi.org>; jwt-reg-review@ietf.org
Subject: Re: [Jwt-reg-review] Request to register claim: "at_use_nbr"

Dear Brian,

I still don’t see the requested claim appearing on the registry. Is there anything that needs to be done on my side?

Thanks in advance.

Best regards.

From: Miguel Angel Reina Ortega
Sent: 06 June 2019 11:59
To: Brian Campbell <bcampbell@pingidentity.com<mailto:bcampbell@pingidentity.com>>
Cc: jwt-reg-review@ietf.org<mailto:jwt-reg-review@ietf.org>; PNNS <PNNS@etsi.org<mailto:PNNS@etsi.org>>
Subject: RE: [Jwt-reg-review] Request to register claim: "at_use_nbr"

Dear Brian,

Thanks for the comments. The “scope” claim will be removed from there.

On the other hand, I don’t see any of those links you mention, just the following: http://openid.net/specs/openid-connect-core-1_0.html#IDToken<https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fopenid.net%2Fspecs%2Fopenid-connect-core-1_0.html%23IDToken&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489158368&sdata=iV%2BVep69GMjlccLP%2BeBHgP5ccup5v%2BBv19nxjxqT7ys%3D&reserved=0>. which seems correct to me.

Best regards.

From: Brian Campbell <bcampbell@pingidentity.com<mailto:bcampbell@pingidentity.com>>
Sent: 29 May 2019 19:02
To: Miguel Angel Reina Ortega <MiguelAngel.ReinaOrtega@etsi.org<mailto:MiguelAngel.ReinaOrtega@etsi.org>>
Cc: jwt-reg-review@ietf.org<mailto:jwt-reg-review@ietf.org>; PNNS <PNNS@etsi.org<mailto:PNNS@etsi.org>>
Subject: Re: [Jwt-reg-review] Request to register claim: "at_use_nbr"

In general I think that the “at_use_nbr” claim can be registered given how it is described in the NFV_SEC022v0-1-0-cb.docx file inside the zip file at the https://docbox.etsi.org/ISG/NFV/Open/Drafts/SEC022_API_Access_Token_Spec/NFV-SEC022v010.zip<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocbox.etsi.org%2FISG%2FNFV%2FOpen%2FDrafts%2FSEC022_API_Access_Token_Spec%2FNFV-SEC022v010.zip&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489158368&sdata=OxiFVAz8tEMPiuXJuP7NGP5eViDIXtvCYiOiSM3vwTc%3D&reserved=0> link provided.

However, there are also links there to https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fopenid.net%2Fspecs%2Fopenid-connect-core-1_0.html%23StandardClaims&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489168378&sdata=rkdtD0ROF5FDv%2FJPzp4u3%2FOQQReqwe0ZHTApOsOpIMY%3D&reserved=0> and https://portal.etsi.org/webapp/WorkProgram/Report_WorkItem.asp?WKI_ID=54060<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fportal.etsi.org%2Fwebapp%2FWorkProgram%2FReport_WorkItem.asp%3FWKI_ID%3D54060&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489168378&sdata=cw24KGV4xkPtSMJRWE2ArrYH%2BFSycuZ3lkfVDDl1BCc%3D&reserved=0> which are confusing and/or don't seem right.

Also the NFV_SEC022v0-1-0-cb.docx document also still has "scope" in the JSON Web Token Claims registry which needs to be removed. Because ultimately I think IANA works off of the specification document itself.



On Sun, May 26, 2019 at 9:36 PM Miguel Angel Reina Ortega <MiguelAngel.ReinaOrtega@etsi.org<mailto:MiguelAngel.ReinaOrtega@etsi.org>> wrote:
Dear,
On behalf of ETSI NFV ISG, I would like to submit the following registration request for the “JSON Web Token” registry:

  *   Claim Name: “at_use_nbr”
  *   Claim Description: Number of API requests for which the access token can be used.
  *   Change Controller: ETSI (pnns@etsi.org<mailto:pnns@etsi.org>)
  *   Specification Document(s): Clause 5.5<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fopenid.net%2Fspecs%2Fopenid-connect-core-1_0.html%23StandardClaims&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489178387&sdata=9%2Fy%2FSKs7TJYLmfUQgE7H%2BMK9G1p%2Fu0qWeJg6bQnNN6c%3D&reserved=0> of the present ETSI GS NFV-SEC 022<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fportal.etsi.org%2Fwebapp%2FWorkProgram%2FReport_WorkItem.asp%3FWKI_ID%3D54060&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489178387&sdata=XEsYxG0MJx8yWKnU4HCfabwa4t11i7HoCpQzhQq%2BNCc%3D&reserved=0> (https://docbox.etsi.org/ISG/NFV/Open/Drafts/SEC022_API_Access_Token_Spec/NFV-SEC022v010.zip<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocbox.etsi.org%2FISG%2FNFV%2FOpen%2FDrafts%2FSEC022_API_Access_Token_Spec%2FNFV-SEC022v010.zip&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489188392&sdata=dELZ0uXS89HAeu2go5ogOqERu8n%2BMC8kfgvu5%2BWKQuA%3D&reserved=0>)
Please, note that once the specification is approved, the pointer to the specification will be updated.

Best regards.

-----------------------------------------------------------------------------------------------------------------
Miguel Angel Reina Ortega – Testing Expert
Centre for Testing and Interoperability (CTI)
ETSI ● www.etsi.org<https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.etsi.org%2F&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489198397&sdata=lKldrk7WxSDXYBwvrcU7yyRHyfsm0d7YPhkRtAj1YSo%3D&reserved=0> ● miguelangel.reinaortega@etsi.org<mailto:miguelangel.reinaortega@etsi.org>
Phone: +33 (0)4 92 94 43 49 ● Mobile: +33 (0)6 76 73 60 99

This email may contain confidential information and is intended for
the use of the addressee only. Any unauthorized use may be unlawful.
If you receive this email by mistake, please advise the sender
immediately by using the reply facility in your email software.
Thank you for your co-operation.

_______________________________________________
Jwt-reg-review mailing list
Jwt-reg-review@ietf.org<mailto:Jwt-reg-review@ietf.org>
https://www.ietf.org/mailman/listinfo/jwt-reg-review<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fjwt-reg-review&data=02%7C01%7CMichael.Jones%40microsoft.com%7C117b5d7fa0a74e43628608d6f3269b05%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636963744489198397&sdata=aMj1EWMEjkYfN5%2BoUUV16L5au4ad%2BiCqYnVkQlZ8sLk%3D&reserved=0>

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.