[oauth-ext-review] Request to register OAuth parameters

Mike Jones <Michael.Jones@microsoft.com> Fri, 13 November 2015 19:47 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: "oauth-ext-review@ietf.org" <oauth-ext-review@ietf.org>
Date: Fri, 13 Nov 2015 19:47:24 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth-ext-review/LImiPF8LmFCblm8QhCSdXmoPcTY>
Cc: Hannes Tschofenig <hannes.tschofenig@gmx.net>

Dear Designated Experts and IANA,

I am writing to you on behalf of the OpenID Connect Artifact Binding working group requesting to register the OAuth Dynamic Client Registration Metadata and OAuth Token Endpoint Authentication Methods parameters defined in http://openid.net/specs/openid-connect-registration-1_0-29.html#IANA.  The individual registration requests are repeated below.

These parameters were defined in the OpenID Dynamic Client Registration specification that became final in February, 2014.  Now that the OAuth Dynamic Client Registration Metadata registry and the OAuth Token Endpoint Authentication Methods registries have been established at http://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#client-metadata and http://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#token-endpoint-auth-method, those parameters not already registered by RFC 7591 are now being registered.

Thank you,
-- Mike

10.1.  OAuth Dynamic Client Registration Metadata Registration

This specification registers the following client metadata definitions in the IANA "OAuth Dynamic Client Registration Metadata" registry [IANA.OAuth.Parameters]<http://openid.net/specs/openid-connect-registration-1_0-29.html#IANA.OAuth.Parameters> established by [RFC7591]<http://openid.net/specs/openid-connect-registration-1_0-29.html#RFC7591>:

10.1.1.  Registry Contents

* Client Metadata Name: application_type
* Client Metadata Description: Kind of the application -- "native" or "web"
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

* Client Metadata Name: sector_identifier_uri
* Client Metadata Description: URL using the https scheme to be used in calculating Pseudonymous Identifiers by the OP
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

* Client Metadata Name: subject_type
* Client Metadata Description: subject_type requested for responses to this Client -- "pairwise" or "public"
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

* Client Metadata Name: id_token_signed_response_alg
* Client Metadata Description: JWS alg algorithm REQUIRED for signing the ID Token issued to this Client
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

* Client Metadata Name: id_token_encrypted_response_alg
* Client Metadata Description: JWE alg algorithm REQUIRED for encrypting the ID Token issued to this Client
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

* Client Metadata Name: id_token_encrypted_response_enc
* Client Metadata Description: JWE enc algorithm REQUIRED for encrypting the ID Token issued to this Client
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

* Client Metadata Name: userinfo_signed_response_alg
* Client Metadata Description: JWS alg algorithm REQUIRED for signing UserInfo Responses
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

* Client Metadata Name: userinfo_encrypted_response_alg
* Client Metadata Description: JWE alg algorithm REQUIRED for encrypting UserInfo Responses
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

* Client Metadata Name: userinfo_encrypted_response_enc
* Client Metadata Description: JWE enc algorithm REQUIRED for encrypting UserInfo Responses
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

* Client Metadata Name: request_object_signing_alg
* Client Metadata Description: JWS alg algorithm that MUST be used for signing Request Objects sent to the OP
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

* Client Metadata Name: request_object_encryption_alg
* Client Metadata Description: JWE alg algorithm the RP is declaring that it may use for encrypting Request Objects sent to the OP
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

* Client Metadata Name: request_object_encryption_enc
* Client Metadata Description: JWE enc algorithm the RP is declaring that it may use for encrypting Request Objects sent to the OP
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

* Client Metadata Name: token_endpoint_auth_signing_alg
* Client Metadata Description: JWS alg algorithm that MUST be used for signing the JWT used to authenticate the Client at the Token Endpoint for the private_key_jwt and client_secret_jwt authentication methods
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

* Client Metadata Name: default_max_age
* Client Metadata Description: Default Maximum Authentication Age
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

* Client Metadata Name: require_auth_time
* Client Metadata Description: Boolean value specifying whether the auth_time Claim in the ID Token is REQUIRED
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

* Client Metadata Name: default_acr_values
* Client Metadata Description: Default requested Authentication Context Class Reference values
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

* Client Metadata Name: initiate_login_uri
* Client Metadata Description: URI using the https scheme that a third party can use to initiate a login by the RP
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

* Client Metadata Name: request_uris
* Client Metadata Description: Array of request_uri values that are pre-registered by the RP for use at the OP
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 2 (Client Metadata) <http://openid.net/specs/openid-connect-registration-1_0-29.html#ClientMetadata> of this document

10.2.  OAuth Token Endpoint Authentication Methods Registration

This specification registers the following token endpoint authentication methods in the IANA "OAuth Token Endpoint Authentication Methods" registry [IANA.OAuth.Parameters]<http://openid.net/specs/openid-connect-registration-1_0-29.html#IANA.OAuth.Parameters> established by [RFC7591]<http://openid.net/specs/openid-connect-registration-1_0-29.html#RFC7591>:

10.2.1.  Registry Contents

* Token Endpoint Authentication Method Name: client_secret_jwt
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 9 of OpenID Connect Core 1.0 [OpenID.Core] (Sakimura, N., Bradley, J., Jones, M., de Medeiros, B., and C. Mortimore, "OpenID Connect Core 1.0," August 2015.) <http://openid.net/specs/openid-connect-registration-1_0-29.html#OpenID.Core>

* Token Endpoint Authentication Method Name: private_key_jwt
* Change Controller: OpenID Foundation Artifact Binding Working Group - openid-specs-ab@lists.openid.net
* Specification Document(s): Section 9 of OpenID Connect Core 1.0 [OpenID.Core] (Sakimura, N., Bradley, J., Jones, M., de Medeiros, B., and C. Mortimore, "OpenID Connect Core 1.0," August 2015.) <http://openid.net/specs/openid-connect-registration-1_0-29.html#OpenID.Core>