Re: [oauth-ext-review] Request to register OAuth parameters

Mike Jones <Michael.Jones@microsoft.com> Wed, 25 November 2015 04:57 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>, "oauth-ext-review@ietf.org" <oauth-ext-review@ietf.org>
Date: Wed, 25 Nov 2015 04:57:35 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth-ext-review/Po70MV_iC5PB9WMGjqwWqdHy8TU>
List-Id: "Review of proposed IANA registrations for OAuth." <oauth-ext-review.ietf.org>

All the existing OpenID Connect registrations at http://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml already list the OpenID Foundation Artifact Binding Working Group as the change controller.  Consistency argues for all of them being the same.

Given that the OpenID Foundation is listed, should the working group be closed, the foundation would be able to take over as the change controller anyway.

				-- Mike

-----Original Message-----
From: Hannes Tschofenig [mailto:hannes.tschofenig@gmx.net] 
Sent: Tuesday, November 24, 2015 3:35 AM
To: Mike Jones <Michael.Jones@microsoft.com>; oauth-ext-review@ietf.org
Subject: Re: Request to register OAuth parameters

Hi Mike,

thanks for the request.

I have read through the list of items and I don't see a problem with the proposed entries to the two registries. Hence, I approve them.

I only have one minor question: Do you think that the change controller should be the 'OpenID Foundation Artifact Binding Working Group'? I would have rather said that it would better be the OpenID Foundation in general since that specific working group may not exist forever.

To IANA: Use the text from the original email since the text below seems to be garbled. Also note that the words 'Section 2 of this document' refer to Section 2 of this specification:
http://openid.net/specs/openid-connect-registration-1_0-29.html

Ciao
Hannes


On 11/13/2015 08:47 PM, Mike Jones wrote:
> Dear Designated Experts and IANA,
> 
>  
> 
> I am writing to you on behalf of the OpenID Connect Artifact Binding 
> working group requesting to register the OAuth Dynamic Client 
> Registration Metadata and OAuth Token Endpoint Authentication Methods 
> parameters defined in 
> http://openid.net/specs/openid-connect-registration-1_0-29.html#IANA.
> The individual registration requests are repeated below.
> 
>  
> 
> These parameters were defined in the OpenID Dynamic Client 
> Registration specification that became final in February, 2014.  Now 
> that the OAuth Dynamic Client Registration Metadata registry and the 
> OAuth Token Endpoint Authentication Methods registries have been 
> established at 
> http://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtm
> l#client-metadata
> and
> http://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtm
> l#token-endpoint-auth-method, those parameters not already registered 
> by RFC 7591 are now being registered.
> 
>  
> 
>                                                             Thank you,
> 
>                                                             -- Mike
> 
>  
> 
> ----------------------------------------------------------------------
> --
> 
> 
> 
>       10.1.  OAuth Dynamic Client Registration Metadata Registration
> 
> This specification registers the following client metadata definitions 
> in the IANA "OAuth Dynamic Client Registration Metadata" registry 
> [IANA.OAuth.Parameters] 
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#IANA.
> OAuth.Parameters>
> established by [RFC7591]
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#RFC7591>:
> 
>  
> 
> ----------------------------------------------------------------------
> --
> 
> 
> 
>       10.1.1.  Registry Contents
> 
> *        Client Metadata Name: application_type
> 
> *        Client Metadata Description: Kind of the application --
> "native" or "web"
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
> *        Client Metadata Name: sector_identifier_uri
> 
> *        Client Metadata Description: URL using the https scheme to be
> used in calculating Pseudonymous Identifiers by the OP
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
> *        Client Metadata Name: subject_type
> 
> *        Client Metadata Description: subject_type requested for
> responses to this Client -- "pairwise" or "public"
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
> *        Client Metadata Name: id_token_signed_response_alg
> 
> *        Client Metadata Description: JWS alg algorithm REQUIRED for
> signing the ID Token issued to this Client
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
> *        Client Metadata Name: id_token_encrypted_response_alg
> 
> *        Client Metadata Description: JWE alg algorithm REQUIRED for
> encrypting the ID Token issued to this Client
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
> *        Client Metadata Name: id_token_encrypted_response_enc
> 
> *        Client Metadata Description: JWE enc algorithm REQUIRED for
> encrypting the ID Token issued to this Client
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
> *        Client Metadata Name: userinfo_signed_response_alg
> 
> *        Client Metadata Description: JWS alg algorithm REQUIRED for
> signing UserInfo Responses
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
> *        Client Metadata Name: userinfo_encrypted_response_alg
> 
> *        Client Metadata Description: JWE alg algorithm REQUIRED for
> encrypting UserInfo Responses
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
> *        Client Metadata Name: userinfo_encrypted_response_enc
> 
> *        Client Metadata Description: JWE enc algorithm REQUIRED for
> encrypting UserInfo Responses
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
> *        Client Metadata Name: request_object_signing_alg
> 
> *        Client Metadata Description: JWS alg algorithm that MUST be used
> for signing Request Objects sent to the OP
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
> *        Client Metadata Name: request_object_encryption_alg
> 
> *        Client Metadata Description: JWE alg algorithm the RP is
> declaring that it may use for encrypting Request Objects sent to the 
> OP
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
> *        Client Metadata Name: request_object_encryption_enc
> 
> *        Client Metadata Description: JWE enc algorithm the RP is
> declaring that it may use for encrypting Request Objects sent to the 
> OP
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
> *        Client Metadata Name: token_endpoint_auth_signing_alg
> 
> *        Client Metadata Description: JWS alg algorithm that MUST be used
> for signing the JWT used to authenticate the Client at the Token 
> Endpoint for the private_key_jwt and client_secret_jwt authentication 
> methods
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
> *        Client Metadata Name: default_max_age
> 
> *        Client Metadata Description: Default Maximum Authentication Age
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
> *        Client Metadata Name: require_auth_time
> 
> *        Client Metadata Description: Boolean value specifying whether
> the auth_time Claim in the ID Token is REQUIRED
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
> *        Client Metadata Name: default_acr_values
> 
> *        Client Metadata Description: Default requested Authentication
> Context Class Reference values
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
> *        Client Metadata Name: initiate_login_uri
> 
> *        Client Metadata Description: URI using the https scheme that a
> third party can use to initiate a login by the RP
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
> *        Client Metadata Name: request_uris
> 
> *        Client Metadata Description: Array of request_uri values that
> are pre-registered by the RP for use at the OP
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 2 (Client Metadata)
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#Clien
> tMetadata>
> of this document
> 
>  
> 
> ----------------------------------------------------------------------
> --
> 
> 
> 
>       10.2.  OAuth Token Endpoint Authentication Methods Registration
> 
> This specification registers the following token endpoint 
> authentication methods in the IANA "OAuth Token Endpoint Authentication Methods"
> registry [IANA.OAuth.Parameters]
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#IANA.
> OAuth.Parameters>
> established by [RFC7591]
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#RFC7591>:
> 
>  
> 
> ----------------------------------------------------------------------
> --
> 
> 
> 
>       10.2.1.  Registry Contents
> 
> *        Token Endpoint Authentication Method Name: client_secret_jwt
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 9 of OpenID Connect Core 1.0
> [OpenID.Core] (Sakimura, N., Bradley, J., Jones, M., de Medeiros, B., 
> and C. Mortimore, "OpenID Connect Core 1.0," August 2015.) 
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#OpenI
> D.Core>
> 
> 
> *        Token Endpoint Authentication Method Name: private_key_jwt
> 
> *        Change Controller: OpenID Foundation Artifact Binding Working
> Group - openid-specs-ab@lists.openid.net
> 
> *        Specification Document(s): Section 9 of OpenID Connect Core 1.0
> [OpenID.Core] (Sakimura, N., Bradley, J., Jones, M., de Medeiros, B., 
> and C. Mortimore, "OpenID Connect Core 1.0," August 2015.) 
> <http://openid.net/specs/openid-connect-registration-1_0-29.html#OpenI
> D.Core>
> 
> 
>  
>