Re: [oauth-ext-review] Proposal for a small extension to facilitate token management

Mike Jones <Michael.Jones@microsoft.com> Wed, 13 May 2020 21:27 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth-ext-review/16GkUEewNreCtevXQLw5rSNyJPM>

I’d replied with this question on the day of your original request:

    Is there a public URL for the specification defining these parameters?  That is a required part of the registration request.

-- Mike

From: oauth-ext-review <oauth-ext-review-bounces@ietf.org> On Behalf Of Breno de Medeiros
Sent: Wednesday, May 13, 2020 2:21 PM
To: oauth-ext-review@ietf.org
Subject: Re: [oauth-ext-review] Proposal for a small extension to facilitate token management

Any feedback?

On Fri, Apr 17, 2020 at 12:05 PM Breno de Medeiros <breno@google.com> wrote:
In some situations we have encountered requests from clients to have more metadata associated with tokens to facilitate human comprehension and management.

I would like to suggest the following extension parameters for IANA registration, respectively an additional optional request and response parameter in the OAuth2 token endpoint:

token_description: Value is a quote-delimited, case-sensitive string including spaces. This is supposed to be a human-readable description of the token.

And a matched response parameter:

token_id: Value is base64 url-safe value representing a service-generated id.

ASes that support token_description and/or token_id MAY return these as part of token introspection endpoint responses or MAY display these to end users if they provide a token management interface. Otherwise it is out of scope for the specification where token_description or token_id is made visible or available.

ASes that support these parameters SHOULD publish for which grant types in the token endpoint they support these parameters.

Waiting on your feedback,

--

--Breno


--

--Breno
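
Added example, not part of this thread or of any published specification: a sketch of how an authorization server could accept the proposed token_description request parameter, return token_id, and echo both from introspection. The length limit, the rejection of control and format characters, the handling of the surrounding quotes, the in-memory store and all function names are assumptions; the proposal defines none of them.

```python
import base64
import secrets
import unicodedata

MAX_DESCRIPTION_LEN = 128   # assumption: the proposal sets no length limit
TOKEN_STORE = {}            # access_token -> metadata (in-memory stand-in)


def clean_description(raw):
    """Validate the client-supplied token_description before storing it.

    The value may later be shown to end users in a token management UI,
    so control and format characters (newlines, bidi overrides) are rejected.
    """
    if raw is None:
        return None
    # Assumption: "quote-delimited" means the value arrives wrapped in
    # double quotes; accept it with or without them.
    if len(raw) >= 2 and raw[0] == raw[-1] == '"':
        raw = raw[1:-1]
    if not raw or len(raw) > MAX_DESCRIPTION_LEN:
        raise ValueError("invalid_request: token_description length")
    if any(unicodedata.category(ch) in ("Cc", "Cf") for ch in raw):
        raise ValueError("invalid_request: token_description characters")
    return raw


def new_token_id():
    """Service-generated id, base64 url-safe, unrelated to the token value
    (assumption: the id must be safe to display and log)."""
    return base64.urlsafe_b64encode(secrets.token_bytes(16)).rstrip(b"=").decode()


def issue_token(form):
    """Token endpoint: optional token_description in, token_id out."""
    description = clean_description(form.get("token_description"))
    access_token = secrets.token_urlsafe(32)
    meta = {"token_id": new_token_id(), "token_description": description}
    TOKEN_STORE[access_token] = meta
    return {"access_token": access_token, "token_type": "Bearer",
            "expires_in": 3600, "token_id": meta["token_id"]}


def introspect(token):
    """Introspection response that MAY echo the two proposed fields."""
    meta = TOKEN_STORE.get(token)
    if meta is None:
        return {"active": False}
    return {"active": True, **{k: v for k, v in meta.items() if v is not None}}
```

The stored description is still untrusted input and needs output encoding wherever a management interface renders it.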