Re: [oauth-ext-review] Request to register token_endpoint_auth_method value: client_mtls_certificate

Nat Sakimura <nat@sakimura.org> Fri, 19 October 2018 17:10 UTC

In-Reply-To: <07ee643cff704b94b17cce5015ba8aa2@STEMES002.steteu.corp>
References: <07ee643cff704b94b17cce5015ba8aa2@STEMES002.steteu.corp>
From: Nat Sakimura <nat@sakimura.org>
Date: Sat, 20 Oct 2018 02:10:30 +0900
To: Robache Hervé <herve.robache@stet.eu>
CC: oauth-ext-review@ietf.org
Message-ID: <fb16a602-64c4-454c-a5f2-5bda0c3d9aca@sakimura.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth-ext-review/tzVx1sKUuWXOdpbNd9VR-oF_bjI>
Subject: Re: [oauth-ext-review] Request to register token_endpoint_auth_method value: client_mtls_certificate

Hi Hervé, 

The MTLS draft has this: 

6.3. Token Endpoint Authentication Method Registration

This specification requests registration of the following value in the IANA "OAuth Token Endpoint Authentication Methods" registry [IANA.OAuth.Parameters] established by [RFC7591].

o Token Endpoint Authentication Method Name: "tls_client_auth"
o Change Controller: IESG
o Specification Document(s): Section 2.1.1 of [[ this specification ]]

It is going to be registered when this draft becomes an RFC.

Did you want something else? 

Best, 

Nat Sakimura

On 19 October 2018 at 23:09, "Robache Hervé" <herve.robache@stet.eu> wrote:
>Hello
>
>We provide the specification for an API which responds to the European
>Payment Service Directive version 2 (PSD2).
>
>The use of this API is based on
>
>- Use of OAUTH2 tokens
>
>- Use of X.509 certificates for mutual authentication between the client
>and the server of the API
>
>- The use of MTLS (https://datatracker.ietf.org/doc/draft-ietf-oauth-mtls/)
>to link the two previous features
>
>Being interested in using RFC 7591, we asked ourselves which value
>of “token_endpoint_auth_method” could be used. Our guess is that none
>of the pre-registered values can be used in an MTLS context.
>
>So we would like to suggest the registration of
>“client_mtls_certificate” as a new value.
>
>Best regards
>
>Hervé ROBACHE
>Marketing and Development Department
>
>DIRECT LINE
>T. +33(0)1 55 23 55 45
>herve.robache@stet.eu
>
>STET (HEAD OFFICE)
>100, Esplanade du Général de Gaulle
>Cœur Défense – Tour B
>92932 La Défense cedex
>
>www.stet.eu
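The exchange settles on "tls_client_auth" as the token_endpoint_auth_method value an MTLS client registers under RFC 7591. As an added example that is not from the thread or the MTLS draft, the Python sketch below shows such a registration being validated and the check an authorization server then makes at the token endpoint. It assumes the tls_client_auth_subject_dn metadata and the exactly-one-binding rule from RFC 8705 (the RFC the draft became); the client name, DNs and the TLS-layer input are constructed sample values, and the DN comparison is a deliberate simplification of RFC 4517 distinguishedNameMatch.

```python
"""Added example, not from the thread or the MTLS draft: an RFC 7591 registration
with token_endpoint_auth_method "tls_client_auth" and the token-endpoint check.
Metadata names follow RFC 8705 (the draft's successor); sample values are constructed."""
from typing import Optional

# RFC 7591 registry values plus the one the MTLS draft registers.
KNOWN_METHODS = {"none", "client_secret_post", "client_secret_basic", "tls_client_auth"}
# Client metadata that binds a tls_client_auth client to its certificate.
TLS_BINDINGS = {"tls_client_auth_subject_dn", "tls_client_auth_san_dns",
                "tls_client_auth_san_uri", "tls_client_auth_san_ip",
                "tls_client_auth_san_email"}

def validate_registration(metadata: dict) -> dict:
    """Accept or reject an RFC 7591 registration request (ValueError = reject)."""
    method = metadata.get("token_endpoint_auth_method", "client_secret_basic")
    if method not in KNOWN_METHODS:
        raise ValueError(f"unknown token_endpoint_auth_method: {method}")
    if method == "tls_client_auth" and len(TLS_BINDINGS & set(metadata)) != 1:
        # Without exactly one binding, any certificate the TLS layer trusts
        # could be presented on behalf of this client_id.
        raise ValueError("tls_client_auth needs exactly one tls_client_auth_* binding")
    return {**metadata, "token_endpoint_auth_method": method}

def normalize_dn(dn: str) -> str:
    """Simplified DN canonicalisation (trim RDNs, lower-case attribute types);
    RFC 8705 points to RFC 4517 distinguishedNameMatch for the real rule."""
    parts = []
    for rdn in dn.split(","):
        attr, _, value = rdn.strip().partition("=")
        parts.append(f"{attr.strip().lower()}={value.strip()}")
    return ",".join(parts)

def authenticate_client(client: dict, tls_peer_dn: Optional[str]) -> bool:
    """Token endpoint check for a client registered with tls_client_auth.
    tls_peer_dn is the subject DN of the client certificate the TLS layer has
    already validated against its trust anchors; None means none was presented."""
    if client["token_endpoint_auth_method"] != "tls_client_auth":
        return False  # other methods are handled by their own checks
    expected = client.get("tls_client_auth_subject_dn")
    if tls_peer_dn is None or expected is None:
        return False  # SAN-based bindings are out of scope for this sketch
    return normalize_dn(expected) == normalize_dn(tls_peer_dn)

if __name__ == "__main__":
    reg = validate_registration({"client_name": "PSD2 TPP (constructed sample)",
                                 "token_endpoint_auth_method": "tls_client_auth",
                                 "tls_client_auth_subject_dn": "CN=tpp.example, O=Example TPP, C=FR"})
    print(authenticate_client(reg, "cn=tpp.example,o=Example TPP,c=FR"))   # True
    print(authenticate_client(reg, "CN=other.example,O=Mallory,C=FR"))    # False
```

The unregistered "client_mtls_certificate" value from the original request is rejected by validate_registration, which is the effect the IANA registry check has in practice.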