Re: [oauth-ext-review] Registration of the new OAuth client registration parameter

Michael Jones <michael_b_jones@hotmail.com> Thu, 11 April 2024 14:07 UTC

From: Michael Jones <michael_b_jones@hotmail.com>
To: Dima Postnikov <dima@postnikov.net>, Justin Richer <jricher@mit.edu>, Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com>
CC: "oauth-ext-review@ietf.org" <oauth-ext-review@ietf.org>, Dave Tonge <dave.tonge@moneyhub.com>, Nat Sakimura <nat@nat.consulting>
Date: Thu, 11 Apr 2024 14:07:39 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth-ext-review/TXUYOvyZZfqjVAr3ZnoPRdifs5s>
List-Id: "Review of proposed IANA registrations for OAuth." <oauth-ext-review.ietf.org>

It’s possible to request preliminary registrations before a spec is final. That process is in place exactly so that, should the designated experts request changes to the registration, it’s possible to make those changes. Whereas, if changes are requested but the specification is final, the changes can’t be made, which isn’t a good situation. So I’d suggest requesting preliminary registrations.

Dima, can you please add links to the IANA Consideration sections requesting the desired registrations to this thread?

-- Mike

From: oauth-ext-review <oauth-ext-review-bounces@ietf.org> On Behalf Of Justin Richer
Sent: Thursday, April 11, 2024 3:00 PM
To: Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com>
Cc: Dima Postnikov <dima@postnikov.net>; oauth-ext-review@ietf.org; Dave Tonge <dave.tonge@moneyhub.com>; Nat Sakimura <nat@nat.consulting>
Subject: Re: [oauth-ext-review] Registration of the new OAuth client registration parameter

Hi Dima,

The process is to write to this email address which goes to the designated experts (of which I’m one), so you’ve done that part right. :)

OAuth chairs and IANA — I’ve looked at the registration, and I think it is sufficiently described to allow registration. However, the document is not yet final, and so the registration should not yet take place.

When the document is final, I believe IANA will be OK to add this value to the registry.


— Justin


On Apr 11, 2024, at 2:51 PM, Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> wrote:

Hi Dima,

The process is described in the RFC7591 section 4.1:
https://datatracker.ietf.org/doc/html/rfc7591#section-4.1

The following is a link to the registry with the name of the designated expert:
https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#client-metadata

Regards,
 Rifaat


On Thu, Apr 11, 2024 at 8:42 AM Dima Postnikov <dima@postnikov.net> wrote:
Hi all

OIDF FAPI WG is planning to publish a final specification of FAPI 2 within a few weeks.

Per this specification, the following client metadata definition needs to be registered in the IANA "OAuth Dynamic Client Registration Metadata" registry established by RFC7591.



**Metadata Name**: `use_mtls_endpoint_aliases`

**Metadata Description**: Indicates the requirement for a client to use mutual TLS endpoint aliases defined by the AS where present.

**Change Controller**: OIDF FAPI WG

**Specification Document(s)**: Section 7 of FAPI 2 security profile

Could you please guide us through the process of what needs to be done.


Thanks for your assistance.


Best regards,


Dima Postnikov




_______________________________________________
oauth-ext-review mailing list
oauth-ext-review@ietf.org
https://www.ietf.org/mailman/listinfo/oauth-ext-review