Re: [oauth-ext-review] Proposal for a small extension to facilitate token management

Mike Jones <Michael.Jones@microsoft.com> Fri, 17 April 2020 19:24 UTC


Is there a public URL for the specification defining these parameters?  That is a required part of the registration request.

-- Mike

From: oauth-ext-review <oauth-ext-review-bounces@ietf.org> On Behalf Of Breno de Medeiros
Sent: Friday, April 17, 2020 12:05 PM
To: oauth-ext-review@ietf.org
Subject: [oauth-ext-review] Proposal for a small extension to facilitate token management

In some situations we have encountered requests from clients to have more metadata associated with tokens to facilitate human comprehension and management.

I would like to suggest the following extension parameters for IANA registration, respectively an additional optional request and response parameter in the OAuth2 token endpoint:

token_description: Value is a quote-delimited, case-sensitive string including spaces. This is supposed to be a human-readable description of the token.

And a matched response parameter:

token_id: Value is base64 url-safe value representing a service-generated id.

ASes that support token_description and/or token_id MAY return these as part of token introspection endpoint responses or MAY display these to end users if they provide a token management interface. Otherwise it is out of scope for the specification where token_description or token_id is made visible or available.

ASes that support these parameters SHOULD publish for which grant types in the token endpoint they support these parameters.

Waiting on your feedback,

--

--Breno
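
Added example, not part of the original messages or of any specification: a minimal in-memory sketch of how an AS might handle the proposed `token_description` request parameter and `token_id` response parameter, including the input checks a client-supplied string needs before it is shown in a token management interface. The length limit, the stripping of the delimiting quotes, the rejected character classes, the 16-byte id size and all function names are assumptions.

```python
import base64
import secrets
import unicodedata

MAX_DESCRIPTION_LEN = 128  # assumed limit; the proposal does not set one
TOKENS = {}                # access_token -> metadata (stand-in for the AS token store)

def clean_description(raw):
    """Validate a client-supplied token_description before storing or displaying it."""
    if len(raw) >= 2 and raw[0] == raw[-1] == '"':
        raw = raw[1:-1]  # assumption: the delimiting quotes are not part of the value
    if not raw or len(raw) > MAX_DESCRIPTION_LEN:
        raise ValueError("invalid_request: token_description length")
    # Reject control and format characters (newlines, bidi overrides) that could
    # mislead a user reading the description in a management interface.
    if any(unicodedata.category(c) in ("Cc", "Cf") for c in raw):
        raise ValueError("invalid_request: token_description characters")
    return raw

def new_token_id():
    """Service-generated id: base64url, unpadded, independent of the token value."""
    return base64.urlsafe_b64encode(secrets.token_bytes(16)).rstrip(b"=").decode()

def token_endpoint(params):
    """Issue a token; grant validation is assumed to have happened already."""
    access_token = secrets.token_urlsafe(32)
    record = {"active": True, "token_id": new_token_id()}
    if "token_description" in params:
        record["token_description"] = clean_description(params["token_description"])
    TOKENS[access_token] = record
    return {"access_token": access_token, "token_type": "Bearer",
            "token_id": record["token_id"]}

def introspect(token):
    """Introspection response; the proposal says the AS MAY include both parameters."""
    return dict(TOKENS.get(token, {"active": False}))

if __name__ == "__main__":
    # Constructed sample request.
    resp = token_endpoint({"grant_type": "client_credentials",
                           "token_description": '"CI deploy key for staging"'})
    print(resp["token_id"], introspect(resp["access_token"]))
```
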