[OAUTH-WG] OAuth assertions drafts improving interop characteristics

Mike Jones <Michael.Jones@microsoft.com> Mon, 15 July 2013 06:59 UTC


Updated OAuth assertions drafts have been posted that improve their interoperability characteristics in a manner suggested during IESG review:  they now state that issuer and audience values should be compared using the Simple String Comparison method defined in Section 6.2.1 of RFC 3986 unless otherwise specified by the application.

The drafts are available at:

* http://tools.ietf.org/html/draft-ietf-oauth-assertions-12
* http://tools.ietf.org/html/draft-ietf-oauth-saml2-bearer-17
* http://tools.ietf.org/html/draft-ietf-oauth-jwt-bearer-06

HTML-formatted versions are available at:

* http://self-issued.info/docs/draft-ietf-oauth-assertions-12.html
* http://self-issued.info/docs/draft-ietf-oauth-saml2-bearer-17.html
* http://self-issued.info/docs/draft-ietf-oauth-jwt-bearer-06.html

                                                            -- Mike
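
An added example, not part of the original message or the drafts: a Python sketch of issuer and audience checks that use the Simple String Comparison of RFC 3986 Section 6.2.1, showing that values a normalizing URI comparison might accept are rejected. The function names, the example.com identifiers and the claim sets are constructed for illustration, and the assertion's signature is assumed to have been verified already.

```python
# Constructed identifiers for illustration (not taken from the drafts).
TRUSTED_ISSUER = "https://idp.example.com"
OWN_AUDIENCE = "https://as.example.com/token"

def simple_string_equal(a, b):
    """RFC 3986 Section 6.2.1: equal only if identical character for character."""
    return isinstance(a, str) and isinstance(b, str) and a == b

def check_issuer_audience(claims, trusted_issuers, own_identifier):
    """Check iss/aud of an assertion whose signature was already verified."""
    iss = claims.get("iss")
    if not any(simple_string_equal(iss, t) for t in trusted_issuers):
        return False, "issuer not trusted"
    aud = claims.get("aud")
    # A JWT "aud" claim may be a single string or an array of strings.
    audiences = aud if isinstance(aud, list) else [aud]
    if not any(simple_string_equal(a, own_identifier) for a in audiences):
        return False, "audience mismatch"
    return True, "ok"

# URIs that a normalizing comparison could treat as equivalent to OWN_AUDIENCE
# (case, default port, trailing slash, percent-encoding). None is identical.
EQUIVALENT_LOOKING = [
    "https://AS.example.com/token",
    "https://as.example.com:443/token",
    "https://as.example.com/token/",
    "https://as.example.com/%74oken",
]

def run_examples():
    results = {}
    results["exact"] = check_issuer_audience(
        {"iss": TRUSTED_ISSUER, "aud": OWN_AUDIENCE}, [TRUSTED_ISSUER], OWN_AUDIENCE)
    results["aud array"] = check_issuer_audience(
        {"iss": TRUSTED_ISSUER, "aud": ["https://other.example.net", OWN_AUDIENCE]},
        [TRUSTED_ISSUER], OWN_AUDIENCE)
    results["issuer slash"] = check_issuer_audience(
        {"iss": TRUSTED_ISSUER + "/", "aud": OWN_AUDIENCE}, [TRUSTED_ISSUER], OWN_AUDIENCE)
    for variant in EQUIVALENT_LOOKING:
        results[variant] = check_issuer_audience(
            {"iss": TRUSTED_ISSUER, "aud": variant}, [TRUSTED_ISSUER], OWN_AUDIENCE)
    return results

if __name__ == "__main__":
    for name, outcome in run_examples().items():
        print(f"{name:40} {outcome}")
```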