Re: [Jwt-reg-review] Request to Register JWT Confirmation Method: x5t#S256

Mike Jones <Michael.Jones@microsoft.com> Fri, 06 September 2019 07:59 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org>, "jwt-reg-review@ietf.org" <jwt-reg-review@ietf.org>, Hannes Tschofenig <Hannes.Tschofenig@arm.com>, John Bradley <ve7jtb@ve7jtb.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/jwt-reg-review/UMDpnEX7OWbOA2naM-XFPCDG6cc>

As a designated expert, I approve of the registration of the "x5t#S256" JWT confirmation method.


-- Mike

________________________________
From: Jwt-reg-review <jwt-reg-review-bounces@ietf.org> on behalf of Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org>
Sent: Thursday, August 15, 2019 1:19:02 PM
To: jwt-reg-review@ietf.org <jwt-reg-review@ietf.org>; Hannes Tschofenig <Hannes.Tschofenig@arm.com>; John Bradley <ve7jtb@ve7jtb.com>
Subject: Re: [Jwt-reg-review] Request to Register JWT Confirmation Method: x5t#S256

Looking at https://www.iana.org/assignments/jwt/jwt.xhtml#confirmation-methods I see the DEs for the Confirmation Methods are John Bradley and Hannes Tschofenig. John is a co-author of the document in question so his approval is implied but also could be perceived as creating a conflict of interest. So per https://tools.ietf.org/html/rfc7800#section-6 I think that means that this should be "defer[ed] to the judgment of the other Experts". The other experts are Hannes. Hannes co-chairs the WG that the document came out of so I'd hope and expect that he'd approve of the registration too. But I'll request that he respond in the affirmative to this message just for procedural sake.







On Tue, Aug 13, 2019 at 12:16 PM Brian Campbell <bcampbell@pingidentity.com> wrote:
Please review the registration request for the "x5t#S256" JWT confirmation method found in section 9.1 of draft-ietf-oauth-mtls at https://tools.ietf.org/html/draft-ietf-oauth-mtls-16#section-9.1

Thank you,
Brian Campbell - draft-ietf-oauth-mtls co-author
