Re: [Jwt-reg-review] [EXTERNAL] [IANA #1158948] Requested review for IANA registration in draft-ietf-ace-oauth-params (jwt - JSON Web Token Claim)

Mike Jones <Michael.Jones@microsoft.com> Tue, 18 February 2020 22:35 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: jwt-reg-review@ietfa.amsl.com
Delivered-To: jwt-reg-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 11995120838 for <jwt-reg-review@ietfa.amsl.com>; Tue, 18 Feb 2020 14:35:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jtT-VX9tWLeu for <jwt-reg-review@ietfa.amsl.com>; Tue, 18 Feb 2020 14:35:38 -0800 (PST)
Received: from NAM06-DM3-obe.outbound.protection.outlook.com (mail-dm3nam06on0714.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe56::714]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3C15B120145 for <jwt-reg-review@ietf.org>; Tue, 18 Feb 2020 14:35:38 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dhNshTZ1ANKlx6bV4t0VPy0Hi/p5FZQBcVcG1ZqZ+valrkvpw0NtFLXgNZl8GWoLSQzMBQzIwDO3Zs5oZjZb3odALR+v6yLiDR4FRmR4cPFUp4MIa+Lrn/OIz16vTycub/VpnBZZLNVppI1Ky4cKAHY1E/0I7d4EP2f0mxwrgO1IMM6XEq75GkzOeQQ3UDuPIsKAKXabr/oJ2LuRbVhDVI4t42gmu79eNOD0pK8tz0dgUDvYTnw0uUd+1pbnFNgMpWM0s5qlnLKdw7J+kZgO+B/c7IhDoi3B8EmvZNufvYgaJGqCpVKxRcRakxEj0xfrLyKpPbmTSGa8XUhpK7bXLw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=S7KS4XUVgHQuUAZKEIYmwKlElpDyUijU7MKsRYpZS/8=; b=ep7KMpY8Ud89pZEQ34oPT0KfnDXT/HDJymcWzc16yurcIwwY5hg5kVOuaD8stAL6NSo0XcvnITuU/NG/M52i0RC7Zb8KWr5aDhPHiDFHq1pu4FhoJw2edwjQPA6Trpz0XitXQG7IwtAz1HnKtQBqWDr87yo81B0+l+3IJWjpMPNEcvRGohbHnQp1IRWbua8I71mIhgGufe6vFFUZ4Oy5jwqkSQL/e6wJqLdoOhLU9xnZ9UzqEGQCQ+IRYGsiCLSzE9YK9+f/Sitd44ABW7Y7mwnE83bPBt5/hHuYziO5TdWZP8XlD8k+u2J8SgcC5n8qiigSpBl0PAl5WZoysV64jw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=S7KS4XUVgHQuUAZKEIYmwKlElpDyUijU7MKsRYpZS/8=; b=czBNDWkdQ6SOMAQ9zAW07VtBy40NTrwm9HWFnTiwJHj8yIVWpXb5n2OmhSQRW3kiKFj5h2FKC8YneLaFu/wqYwsWYZDdLZWdHc0smo5Ow8S1ataLHciw74td9PUncIxnMZ6tbruNvJ+AiwBahnk7sW32xusV5cwk2eMhg0iw50I=
Received: from BY5PR00MB0676.namprd00.prod.outlook.com (52.135.55.15) by BYAPR00MB0454.namprd00.prod.outlook.com (20.178.53.202) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2761.0; Tue, 18 Feb 2020 22:35:35 +0000
Received: from BY5PR00MB0676.namprd00.prod.outlook.com ([fe80::a0dd:da8c:7433:3c6f]) by BY5PR00MB0676.namprd00.prod.outlook.com ([fe80::a0dd:da8c:7433:3c6f%4]) with mapi id 15.20.2777.000; Tue, 18 Feb 2020 22:35:35 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "drafts-expert-review@iana.org" <drafts-expert-review@iana.org>, "hannes.tschofenig@arm.com" <hannes.tschofenig@arm.com>, "jricher@mit.edu" <jricher@mit.edu>
CC: "jwt-reg-review@ietf.org" <jwt-reg-review@ietf.org>
Thread-Topic: [EXTERNAL] [Jwt-reg-review] [IANA #1158948] Requested review for IANA registration in draft-ietf-ace-oauth-params (jwt - JSON Web Token Claim)
Thread-Index: AQHV5p7h6RD4DZM+UUat/FA55+5X0KghiSjg
Date: Tue, 18 Feb 2020 22:35:35 +0000
Message-ID: <BY5PR00MB0676C1468C8AFFC9C511ECB0F5110@BY5PR00MB0676.namprd00.prod.outlook.com>
References: <RT-Ticket-1158948@icann.org> <9c32d171-9a4a-ba71-c989-92a177d9e989@gmx.de> <CA+k3eCSocYYpHQtWAfs=EnOTcOFbRSFH52FK=Ak5RiTZs4nOYA@mail.gmail.com> <77781da882414f4aae98ae2443691933@combitech.se> <CA+k3eCT0TLgUxzggV1WE-eQ8hSXGSUxXjimkp1ZPvUxXbnrAFA@mail.gmail.com> <582bfd3fbdee4cc592b92857c955721b@combitech.se> <CA+k3eCToZEQjkCGUawbWJSg51u24QOvmxBFvKS1Fk+KY4hwELA@mail.gmail.com> <20200124014548.GE90660@kduck.mit.edu> <RT-Ticket-1160802@icann.org> <rt-4.4.3-1037-1580344853-751.1158948-37-0@icann.org> <rt-4.4.3-21646-1582059799-1808.1158948-37-0@icann.org>
In-Reply-To: <rt-4.4.3-21646-1582059799-1808.1158948-37-0@icann.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=edf7b13f-854d-4a15-b781-000092749607; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=true; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=Internal; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2020-02-18T22:31:49Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47;
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Michael.Jones@microsoft.com;
x-originating-ip: [2001:4898:80e8:b:b9d9:4560:3dd5:6cec]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 5b96b764-2251-4a38-b812-08d7b4c2df2c
x-ms-traffictypediagnostic: BYAPR00MB0454:
x-microsoft-antispam-prvs: <BYAPR00MB0454EB8FF2F7633CBD784E6BF5110@BYAPR00MB0454.namprd00.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:3276;
x-forefront-prvs: 031763BCAF
x-forefront-antispam-report: SFV:NSPM; SFS:(10001)(10019020)(4636009)(396003)(346002)(366004)(376002)(136003)(39860400002)(189003)(199004)(10290500003)(8990500004)(478600001)(81156014)(81166006)(2906002)(8676002)(71200400001)(7696005)(316002)(52536014)(30864003)(4326008)(55016002)(86362001)(6506007)(966005)(8936002)(9686003)(33656002)(76116006)(66476007)(66556008)(66946007)(66446008)(64756008)(110136005)(5660300002)(53546011)(186003); DIR:OUT; SFP:1102; SCL:1; SRVR:BYAPR00MB0454; H:BY5PR00MB0676.namprd00.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: kZ9mf97ttGwmZLvii2ohc1QHz357+mbvohH25KJ3PXAKSgG5JitqnxqX/C904x7Y8YtqmJK8MTzfbeA3Vh3PNxv5JylNqoz2gXU9vIbO8ZlAqi7ImeNzapG+UkCdA99c8HTunDdTJN+nebOAd/y/KIeQLNedzx+weLecRdpFieaps1JYszLuTjXHKI31oj7eJrRmg0V9DaZZ91GTXvWGs8NlZln6YGRzWGd5Gqe9UKFGndSfNmplS921806gR+E/sUFgFwN6g+ztuBiA+4Mfc9u4dl3qeNwoL0FfYZpgVivwLubxSEnZXHheMVuWiwHb1sbKj96l8YzH5hyoRq45lWnOdkKToSnVASysBGRDihLXm644cxa0bYygBi+JdEo/dttAne/i5G5qM+fn98xlq9lSDlihnlL86AOWQO0/YfgEGJ8Ol79PoANaDILYfq09IJ/dz1Pppt8F0Mi1yX+GbsB1pTVA42YtILOgXJHExOXD0zy2WyULIFBzD+U1s5RM/vRqCSuJP7y6q6QENTrcFAfbp7FnApM5y/Of94jZQOg/tKPfNbFNclyptmilI1Qe58AlYYv5YKbaLpkZZy+gU1Y4HQx1NQ9KxuTvTWVxRHr5ypm1isuYu+5LMxZh5Fvc
x-ms-exchange-antispam-messagedata: 9xfP/qzMdlKeQRzeUXLF2hNIt1WTDWmDb7LVQS3mHKa4tV/W+C/4+tl91iFCmWtRYXxW8At/mXV7k7+ambzJV7yqoombVMS3uf2ZMBwyvhk1t2jERh8cTLJ7DouzwkSxWE91fNUUWElWQ/oksHWdIj79cD6SwA6zXN6HzIQHQy8SQVuxm4Htlgd99lEsYh3NwtdiX6OstUfTnyEP/6gWIg==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 5b96b764-2251-4a38-b812-08d7b4c2df2c
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Feb 2020 22:35:35.5845 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: k19EEBXhir5VPqaLTdQyPJ2watMr4jibW+s6TXP6f7ITXsGsay7YHM33gV4l1Nx0p5oWNGvgHYx85TrOmw0DHQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR00MB0454
Archived-At: <https://mailarchive.ietf.org/arch/msg/jwt-reg-review/c--_agqkQOK6z0PjCnV_RihvDwI>
Subject: Re: [Jwt-reg-review] [EXTERNAL] [IANA #1158948] Requested review for IANA registration in draft-ietf-ace-oauth-params (jwt - JSON Web Token Claim)
X-BeenThere: jwt-reg-review@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Expert review of proposed IANA registrations for JSON Web Token \(JWT\) claims." <jwt-reg-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jwt-reg-review/>
List-Post: <mailto:jwt-reg-review@ietf.org>
List-Help: <mailto:jwt-reg-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jwt-reg-review>, <mailto:jwt-reg-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Feb 2020 22:35:41 -0000

I'm OK with these registrations, but I don't believe that John, Chuck, or I are designated experts for the applicable registries.  Hannes is the expert for the OAuth Parameters registry.  Justin is the expert for the OAuth Introspection registry.

And I don't believe that the OAuth Parameters CBOR Mappings registry has been created yet.

I hope this helps...

				-- Mike

-----Original Message-----
From: Jwt-reg-review <jwt-reg-review-bounces@ietf.org> On Behalf Of Sabrina Tanamal via RT
Sent: Tuesday, February 18, 2020 1:03 PM
Cc: jwt-reg-review@ietf.org
Subject: [EXTERNAL] [Jwt-reg-review] [IANA #1158948] Requested review for IANA registration in draft-ietf-ace-oauth-params (jwt - JSON Web Token Claim)

Dear John, Michael, and Chuck,

Have you had a chance to review the registration in draft-ietf-ace-oauth-params?

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-ietf-ace-oauth-params&amp;data=02%7C01%7CMichael.Jones%40microsoft.com%7Ce74ace3192cb4a52723608d7b4b60280%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637176566130853320&amp;sdata=5pmASiRTPR%2B7Ve5R1u8myHo6qh%2BGDVjEhKhm6K8hPgc%3D&amp;reserved=0

Thanks,

Sabrina Tanamal
Senior IANA Services Specialist

On Thu Jan 30 00:40:53 2020, sabrina.tanamal wrote:
> Dear John, Michael, and Chuck,
> 
> Have you had a chance to review the registration in draft-ietf-ace- 
> oauth-params?
> 
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftool
> s.ietf.org%2Fhtml%2Fdraft-ietf-ace-oauth-params&amp;data=02%7C01%7CMic
> hael.Jones%40microsoft.com%7Ce74ace3192cb4a52723608d7b4b60280%7C72f988
> bf86f141af91ab2d7cd011db47%7C1%7C0%7C637176566130863324&amp;sdata=85Yy
> 8GkBoL92w09RdviHOCrUY%2BvNF0Pqe8hJQxZ3Ps0%3D&amp;reserved=0
> 
> Thanks,
> 
> Sabrina Tanamal
> Senior IANA Services Specialist
> 
> > On Thu, Jan 23, 2020 at 02:31:20PM -0700, Brian Campbell wrote:
> > > Apologies, I forgot to reply-all at some earlier point and dropped 
> > > the mailing lists and other cc's off the thread. Added back now.
> > >
> > > And also apologies because I think I need to recuse myself from 
> > > the DE responsibility on the JWT registry request here. I've spent 
> > > more time than I'd like to admit or really have to spare on it and 
> > > am still struggling to understand.
> > >
> > > I appreciate you pointing out the authz-info endpoint in ACE but I 
> > > still don't follow how "rs_cnf" in an access token would really 
> > > work in practice.
> > > The client sends the token to the RS's authz-info endpoint on an 
> > > insecure connection or one that has the server auth with 
> > > potentially different key and the RS stores the access token for 
> > > later use. Then on resource access the RS looks up the access 
> > > token (with respect to the cnf key in
> > > it)
> > > based
> > > on the key the client used in establishing a new mutually 
> > > authentication connection to the RS. For the RS to choose a key 
> > > for server it will use during the handshake (and as far as I know 
> > > the server key is the first in the authn process of the handshake) 
> > > based on the "rs_cnf" in the access token, it needs to remember 
> > > and associate that client and the access token with something else 
> > > (IP address?) that will be available during the handshake. It 
> > > doesn't fit together for me in a way that seems likely to work or 
> > > be interoperable but, like I said, I'm really struggling to 
> > > understand.
> > >
> > > On Thu, Jan 16, 2020 at 12:54 AM Seitz Ludwig 
> > > <ludwig.seitz@combitech.se>
> > > wrote:
> > >
> > > > Hi Brian,
> > > >
> > > >
> > > >
> > > > Comments inline.
> > > >
> > > >
> > > >
> > > > /Ludwig
> > > >
> > > >
> > > >
> > > > *From:* Brian Campbell <bcampbell@pingidentity.com>
> > > > *Sent:* den 13 januari 2020 21:22
> > > > *To:* Seitz Ludwig <ludwig.seitz@combitech.se>
> > > > *Subject:* Re: [Ace] Requested review for IANA registration in 
> > > > draft-ietf-ace-oauth-params
> > > >
> > > >
> > > >
> > > > Thanks for the response and updates Ludwig,
> > > >
> > > >
> > > >
> > > > Please bear with me while I try to wrap my head around some 
> > > > things.
> > > >
> > > >
> > > >
> > > > The JWT registration request for the "rs_cnf" claim points to 
> > > > Sec
> > > > 3.3
> > > > <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F
> > > > %2Ftools.ietf.org%2Fhtml%2Fdraft-ietf-ace-oauth-params-&amp;data
> > > > =02%7C01%7CMichael.Jones%40microsoft.com%7Ce74ace3192cb4a5272360
> > > > 8d7b4b60280%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C6371765
> > > > 66130863324&amp;sdata=0wG8HJXLxcR4YKWlF%2FFGZSB49uZ0u4bg89S2dhyz
> > > > 5Ok%3D&amp;reserved=0
> > > > 08#section-3.3>
> > > > saying it is "a hint [in the access token] to the RS about which 
> > > > key it should use to authenticate towards the client".  But 
> > > > doesn't the client have to go through the DTLS/TLS handshake 
> > > > with the RS (which is presumably when it authenticates to the 
> > > > client) before it presents the access token?
> > > > I'm not seeing how this would work as seems the RS won't see the 
> > > > hint until after it needs it.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > [LS] Not in the ACE flow. We use the access token to establish 
> > > > keys at the RS both for the client and the RS. We have therefore 
> > > > defined a new ACE-OAuth endpoint (authz-info) at the RS. The 
> > > > client can POST access tokens to this endpoint without prior 
> > > > authentication.
> > > >
> > > > At that point, the RS only validates the signature/MAC by the AS.
> > > >
> > > >
> > > >
> > > > Later at the time of access, the corresponding token is linked 
> > > > to the access request via the pop-mechanism and the 
> > > > client/access specific parts are validated (e.g. scope, 
> > > > subject).
> > > >
> > > >
> > > >
> > > > Hope that clarifies things a bit.
> > > >
> > > >
> > > >
> > > > On Sat, Jan 11, 2020 at 8:30 AM Seitz Ludwig 
> > > > <ludwig.seitz@combitech.se>
> > > > wrote:
> > > >
> > > > Hello again Brian,
> > > >
> > > >
> > > >
> > > > Thank you for reviewing this! Indeed the handling of JWT/JSON 
> > > > interactions was handled sloppily here. I will soon issue a 
> > > > draft update that specifies that the JSON-based interactions 
> > > > should use the syntax from
> > > > RFC7800
> > > > while
> > > > the CBOR-based ones should use ID.ietf-ace-cwt-proof-of- 
> > > > possession.
> > > >
> > > >
> > > >
> > > > This correction goes for all the use of “cnf”, “req_cnf” and 
> > > > “rs_cnf”.
> > > >
> > > >
> > > >
> > > > Regards,
> > > >
> > > >
> > > >
> > > > Ludwig
> > > >
> > > >
> > > >
> > > > *From:* Ace <ace-bounces@ietf.org> *On Behalf Of *Brian Campbell
> > > > *Sent:* den 10 januari 2020 22:12
> > > > *To:* Ludwig Seitz <ludwig_seitz@gmx.de>
> > > > *Cc:* Roman Danyliw <rdd@cert.org>rg>; jwt-reg-review@ietf.org; Jim 
> > > > Schaad < ietf@augustcellars.com>gt;; The IESG <iesg@ietf.org>rg>; 
> > > > ace@ietf.org; drafts-lastcall@iana.org; Benjamin Kaduk 
> > > > <kaduk@mit.edu>
> > > > *Subject:* Re: [Ace] Requested review for IANA registration in 
> > > > draft-ietf-ace-oauth-params
> > > >
> > > >
> > > >
> > > > That  "rs_cnf" claim registration request in 9.1 points to 3.3 
> > > > which says it has 'the same syntax and semantics as defined in 
> > > > for the "rs_cnf"
> > > > parameter', which I think is in 4.1. And 4.1 says that the 
> > > > "rs_cnf"
> > > > values
> > > > 'follow the syntax of the "cnf" claim from section 3.1 of 
> > > > [I-D.ietf-ace-cwt-proof-of-possession].' Similar to other 
> > > > comments I've made today, I don't follow what that would mean 
> > > > for the value of the claim when it's a JWT. And that seems like 
> > > > something that's important to understand for the purpose of a 
> > > > JWT claims registry request.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > On Sat, Dec 21, 2019 at 4:11 AM Ludwig Seitz 
> > > > <ludwig_seitz@gmx.de>
> > > > wrote:
> > > >
> > > > Hello JWT registry reviewers,
> > > >
> > > > the IESG-designated experts for the JWT claims registry have 
> > > > asked me to send a review request to you about the "rs_cnf" 
> > > > claim registered
> > > > here:
> > > >
> > > > https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%
> > > > 2Ftools.ietf.org%2Fhtml%2Fdraft-ietf-ace-oauth-params-&amp;data=
> > > > 02%7C01%7CMichael.Jones%40microsoft.com%7Ce74ace3192cb4a52723608
> > > > d7b4b60280%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C63717656
> > > > 6130863324&amp;sdata=0wG8HJXLxcR4YKWlF%2FFGZSB49uZ0u4bg89S2dhyz5
> > > > Ok%3D&amp;reserved=0
> > > > 07#section-
> > > > 9.1
> > > >
> > > > Thank you in advance for you review comments.
> > > >
> > > > Regards,
> > > >
> > > > Ludwig
> > > >
> > > > _______________________________________________
> > > > Ace mailing list
> > > > Ace@ietf.org
> > > > https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%
> > > > 2Fwww.ietf.org%2Fmailman%2Flistinfo%2Face&amp;data=02%7C01%7CMic
> > > > hael.Jones%40microsoft.com%7Ce74ace3192cb4a52723608d7b4b60280%7C
> > > > 72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637176566130863324&am
> > > > p;sdata=PmTfR3Vpg60L%2BF4Bp9lTFrh%2FpDHhff2b%2B%2FnvUxOXoFw%3D&a
> > > > mp;reserved=0
> > > >
> > > >
> > > > *CONFIDENTIALITY NOTICE: This email may contain confidential and 
> > > > privileged material for the sole use of the intended 
> > > > recipient(s).
> > > > Any
> > > > review, use, distribution or disclosure by others is strictly 
> > > > prohibited..
> > > > If you have received this communication in error, please notify 
> > > > the sender immediately by e-mail and delete the message and any 
> > > > file attachments from your computer. Thank you.*
> > > >
> > > >
> > > > *CONFIDENTIALITY NOTICE: This email may contain confidential and 
> > > > privileged material for the sole use of the intended 
> > > > recipient(s).
> > > > Any
> > > > review, use, distribution or disclosure by others is strictly 
> > > > prohibited.
> > > > If you have received this communication in error, please notify 
> > > > the sender immediately by e-mail and delete the message and any 
> > > > file attachments from your computer. Thank you.*
> > > >
> > >
> > > --
> > > _CONFIDENTIALITY NOTICE: This email may contain confidential and 
> > > privileged material for the sole use of the intended recipient(s). 
> > > Any review, use, distribution or disclosure by others is strictly 
> > > prohibited.  If you have received this communication in error, 
> > > please notify the sender immediately by e-mail and delete the 
> > > message and any file attachments from your computer. Thank you._

_______________________________________________
Jwt-reg-review mailing list
Jwt-reg-review@ietf.org
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fjwt-reg-review&amp;data=02%7C01%7CMichael.Jones%40microsoft.com%7Ce74ace3192cb4a52723608d7b4b60280%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637176566130863324&amp;sdata=9tgjsYDiXnBnToIQm6rOerAMj%2BqhFvur%2BdlDAySu618%3D&amp;reserved=0