Re: [OAUTH-WG] Robert Wilton's No Objection on draft-ietf-oauth-jwk-thumbprint-uri-02: (with COMMENT)
Mike Jones <Michael.Jones@microsoft.com> Sat, 28 May 2022 15:56 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CCA6EC15AE0E; Sat, 28 May 2022 08:56:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.661
X-Spam-Level:
X-Spam-Status: No, score=0.661 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.575, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_SBL_CSS=3.335, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h0QSRruTe4Pd; Sat, 28 May 2022 08:56:52 -0700 (PDT)
Received: from na01-obe.outbound.protection.outlook.com (mail-eus2azlp170100002.outbound.protection.outlook.com [IPv6:2a01:111:f403:c110::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8CCFDC15AE02; Sat, 28 May 2022 08:56:50 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=TbkjyaDEqLqPWC7EowfXwup/7NZuSdzPHeGyBvXr5tgB2wIvh3ZqEIUHhpOC4HOcRs8MhtKG3yoSzdbxbI0Jk1fJcSGjQcfw1/mfr5R/V8zE+VkAHtQTTWe4IBPRU9mf+iqjfmxoOjRsgFtjLDcPS5/KGueToxeonZDTZsrXW2XJ3KUYTMiqZfU3OkipsU8MZ57hghmwQabqZlyPnVadx+3vvxAcJ8fTGbfNSlQb/GYb6KsPhNYdlM5TDNI4ihO1VGlBM3AE7GLTdPkDToiY7la3/7bxrBRs4N0wKc6BCTTFqXaxjcBi1oTpZTe0EhVUvPjDH3RDFzyJ+M1qNgub4g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=LxdXnCdJz7LysF9LgtN6WV21BmW/5pHoJ41795pCsGg=; b=TuieP2gmDPT5F/9oxFLUhoaZisYg/J5BYd/WrSERS502EAVjOqwV+RCDWRTaIH2KPj3FHT0fRzoIYSqWkZRBa8IUMiqEGcyyifjm+qH/D4skLtv9T8yIMF6NpSqh+ipC6ko1hCuix34hfqaWg90mLmRn1bI4LbMm5cL0TE9M98hbFOxzgzp5+mgqBEiEnZKdR2E5yiR7fbJ+EfNSdXFhGeDkpz7kmcfNrNt/Ni0ItK7XcgHclhWe0Iaxz4/P4UBE5/tqqHGa80eeQQzT2QUryXdk3SGbj5QPN8p+7dBd6OjyoHUqTQGUySXTg55hcIaQk3N2FgKvgPw78hRBo3/1mg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LxdXnCdJz7LysF9LgtN6WV21BmW/5pHoJ41795pCsGg=; b=IMmkDffhUj6ws+i1gcUxEhbe/dVJERG+ix1kmIacZimcgbNLX6X8kYd0hR39FCjZg49LCkDmmnORqTSfzJPrEmLQ4mIeoeB0gkFD+KHkJonN+1MpC1e3pk4WLvDzaCrveXQbqouHiNK/UHv/Rgz0ydsEVl+u3fXVGZVNirYGECs=
Received: from SJ0PR00MB1005.namprd00.prod.outlook.com (2603:10b6:a03:2d3::18) by CH2PR00MB0853.namprd00.prod.outlook.com (2603:10b6:610:ad::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5333.0; Sat, 28 May 2022 15:38:21 +0000
Received: from SJ0PR00MB1005.namprd00.prod.outlook.com ([fe80::350c:bd72:c38f:2231]) by SJ0PR00MB1005.namprd00.prod.outlook.com ([fe80::350c:bd72:c38f:2231%6]) with mapi id 15.20.5339.000; Sat, 28 May 2022 15:38:19 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Robert Wilton <rwilton@cisco.com>, The IESG <iesg@ietf.org>
CC: "draft-ietf-oauth-jwk-thumbprint-uri@ietf.org" <draft-ietf-oauth-jwk-thumbprint-uri@ietf.org>, "oauth-chairs@ietf.org" <oauth-chairs@ietf.org>, "oauth@ietf.org" <oauth@ietf.org>, "rifaat.s.ietf@gmail.com" <rifaat.s.ietf@gmail.com>
Thread-Topic: Robert Wilton's No Objection on draft-ietf-oauth-jwk-thumbprint-uri-02: (with COMMENT)
Thread-Index: AQHYcbAWGso+dEIpSE2Cqinyc8z1/a00bcnw
Date: Sat, 28 May 2022 15:38:19 +0000
Message-ID: <SJ0PR00MB10057C243B38EC8E90B80F20F5DB9@SJ0PR00MB1005.namprd00.prod.outlook.com>
References: <165364540372.7252.6386507723108974448@ietfa.amsl.com>
In-Reply-To: <165364540372.7252.6386507723108974448@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=true; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2022-05-28T15:35:40Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=Internal; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=972e6ef3-dfcc-4259-b140-c5e88ab7efcb; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: d78ebc0b-c2fe-4ce3-cf64-08da40c01732
x-ms-traffictypediagnostic: CH2PR00MB0853:EE_
x-microsoft-antispam-prvs: <CH2PR00MB085366FA7EDD339D24A3C782F5DB9@CH2PR00MB0853.namprd00.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: jXpPRNMFNlgRlQodsTEPqrC0SZyCKXHbI2dUbYB23bHooggVcvLtnBcXef/MGmDYEv4+WP0wfrL2tR0k4nE6i57yPWEYqwZbOFptPUUKLIJHF0N7wC3pH2ENK8HTqnsT9miLUMv/uDbBzXbV3MkP1nwgcsAukkug/0t+tyg/BgL3rhGWAgKu7aeJg0br35XDrT30i/upp8cqa1rKAwEdeJ9EWQorSGS6QZuorWLm62d2WZUmFOjeAMpXkmvDtyOOkMCSEU7oTStKvaf/NOFkkELqZD5jcU1meeYmsleSROxbbPSFqo3Xe5ScWz+5HYYD+IUmp9ji9lF3trb4RE5CbrEiKJs1stQNtY6qAqwpcmt/iZ6/yYN7S2LZz0vY/K12rX+29EaSz91tEf+46/p3y5DPiUwUuj0m1EU9gIunnVsFWY113wE5EC49AAbk1HPa1A6iC/gvo6kFZRChy4O3ApGUusarXk1o+3yR121r1ZoFzCUPPp/QesX0zT03EcZtjkzNR0QVDmvwn/TNXn08TTEmjmVZwp+nQgCkAZjjH0C8dlsJa/PBX3+Ik4b0Thc9YKXHm4KPDSg3vImu0RamPVZVz/nc3k3JztL0jE++aPMZ4FhNcRSRzAOoFF1IRd7hPj4IwbSmRvSYNNzbbc32O4PgG2Xj/rooNtCRTgLG0Xc/wUfjR7D2ByoyTz2vQSjXPzAxg7TS9FfNQ37U5mds6oe00mVuR+Q1GcwPSXQyKq8tFY4IdA1xNv+oPgky+yr3rHXGEQqIirqPSJE5MGqNmvTuRVbO7X8bgZagasVCBowpJmTLaQayGMet2quJdzTRuqro8tI74qieaC6Lyy4wWQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SJ0PR00MB1005.namprd00.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(451199009)(5660300002)(9686003)(8936002)(66476007)(64756008)(66946007)(53546011)(33656002)(8990500004)(66556008)(83380400001)(186003)(2906002)(316002)(4326008)(76116006)(82960400001)(10290500003)(82950400001)(54906003)(52536014)(110136005)(71200400001)(8676002)(508600001)(66446008)(38100700002)(6506007)(7696005)(55016003)(38070700005)(966005)(86362001)(122000001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 2
x-ms-exchange-antispam-messagedata-0: oCLRcch/IUqgK3lMSdSylfx9/jkqjkqd7O+1lkUKqtGWqgNBSf07sAPOFnMYUly51RI7z7W5wO9rIVY8aWAz6p4KV1UwFHPYFmQkVQoqq6XZAGAXekKJ5h09YDHEz++hSPB17tiZj2/TGUEvt/MFTp2gW2Mx4hECa7Mnurq5gF33htiU6rPLGcRuLQNw8tJyhLmZ0cTe2mqs5t88S5KOa+/MHLdGWezvyRoDvwYOSjAFCNxvU/HCV3HhmAyWn3V3Ue+XjdVDGNoI6NXgfyk0/2DeWS4YrM764FD69rhwQ7D0s4NkXixVgSLM61q353EbrL+4qAIhbzb5/lBMn977p6okybvdOVk768jym6hiSGFghyy9rPZJkgbd5WJirkzxuPbC21z031KXYg1ri+snlWGFznGi8+rrapdQnbetD/8G76oX/LKWqGXTDMxCrrgl3briyG8aM8z4lLRz+2D0B1KE8H/CpjwKe72UK+YtC1X4+kGwlMqg318DPnLgyMEsk93oWjmEdyVK4SZEybknDgQBgLyMacgzgRDc1WwBUsHkOjBUIs0qgHZXTY8N1hYTb+/6F1UzuF6MLcp5SpaPN1ChhNWzv6iHglO7SFj2nj24AmLVPCxf8Qnbkhg8k3sznfpu1045gw9Osx2L1G6+ZIILTtwBWg/juCH/0CI5XlkuFwjr1aW7EEu5mVVdqPv6Gedb69mHpSgRkzKRQvQdgJfAVlVplPEbAUMfFkM/UKhHz1GYTcFcYIPmEdlINF+sZ/NGhBZCXr+tJ50ULvL5RPB3FEwDkcmRLUFY9WPW11Z4l/D6GD/s+yU5HbymSIz4wO9oEuBOK6vE7YpS5o5g070O4FtTqUd+L/7sl3wPmJ+4DEsqSYE6C/kbWlAh+8uKdzIaKEaZq8lJi8+GAPsquqIv54Rke1JISIyOqAT/CR/Uc7Q7g0DMZ3Ih/dQ5tgyS4a96lSCQxVUR6dM6YTRRerGgYh5RQQdE27Ym4UhSi3R1ef8R3fQWUrlyhFdDM8a8TR3ovsPuc7ZOMXcqlGE+pLRpK6vxUgeW+JkGpUJeGQEQmkaAQJlsprMwEmjxF4tynwxs5pe5JS27StAIMQkisTYx+EBWChZq01/Z/8HFofDymHsV+lYU3A+munA/xGOaU6PL4JuelOucGa598gnQca6y2aiakuvy6nQ9IeVChtp2bxoc2nzHWazucXoY+dI+FXnMxNqcn9PuH9pbaSsRb46/HvK9Li6d01Tts1QGhXOOC607gvLM4tTMkiL+8owp9l7TqwnYDmoDYc9mMdTalJ5bWokMLD7QwzILQEsLbV2fKRZBiaOKsJAWTP8Nie9O+g0NaMeFoS2Y7jjNfmqPr7fCl6foZu3QXanlv7loX0jY8edtcmDV2l0y+lg94WoFX2AiWw3ffF3vY5Ebmj7qlA0ghjYGQVwDNPu0IJtXzILOR/FHuzGfyzUycddyi5i/N7An9XQTuYIzaPeA29/oj6TieTdohMwcmTwp8xCHXZLex9XYcgqBW3h2q9pMy12qqKBXvqG6b357NjQV5ufEuJTbymECK4n3UgyFj0oOKhgamhPq/cN4rsIjIlB0YDTUSDMbTXvYVcH3B1mVIksPFB+6MSZ5KzDMhIl6yUno0IIDGgNAUJDCREo+wSgNcgVKqOghK58nSJlZXdnc/1eHJl+w4WMx0/eZPJeqdI8/X7VwkxaUjZMLoyWFJG4JnC95rq9Ep5/id3UwqVLdAjEUMiMX5OIkaMlYrgbKeGHC084wuVJVjTPJT6rqrV4B74YJpURm7NLU
x-ms-exchange-antispam-messagedata-1: N8FWFPQFoxcEcQ==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SJ0PR00MB1005.namprd00.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: d78ebc0b-c2fe-4ce3-cf64-08da40c01732
X-MS-Exchange-CrossTenant-originalarrivaltime: 28 May 2022 15:38:19.1263 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: e/UUKVqOYKsvic4KCkB9rGSK6vIL3YBr/gO1gI3yoj7GLhblAxm5Xv9fWJvAu/13FHapMzw5pvKw8WGKFW7EVw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR00MB0853
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/50GHVoeECMNZOH8U_3O1KSeyinQ>
Subject: Re: [OAUTH-WG] Robert Wilton's No Objection on draft-ietf-oauth-jwk-thumbprint-uri-02: (with COMMENT)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 28 May 2022 15:56:52 -0000
Hi Robert, Good question. Chasing the RFC reference chains, RFC 6920 says that algorithms have the syntax 1*unreserved where "unreserved" is from RFC 3986, Section 2.3. That section defines the unreserved character set as unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~". These are all characters that do not require encoding. So I think we're good to go. Thanks again, -- Mike -----Original Message----- From: Robert Wilton via Datatracker <noreply@ietf.org> Sent: Friday, May 27, 2022 2:57 AM To: The IESG <iesg@ietf.org> Cc: draft-ietf-oauth-jwk-thumbprint-uri@ietf.org; oauth-chairs@ietf.org; oauth@ietf.org; rifaat.s.ietf@gmail.com; rifaat.s.ietf@gmail.com Subject: Robert Wilton's No Objection on draft-ietf-oauth-jwk-thumbprint-uri-02: (with COMMENT) Robert Wilton has entered the following ballot position for draft-ietf-oauth-jwk-thumbprint-uri-02: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-oauth-jwk-thumbprint-uri/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Hi, I just wanted to confirm that the names of "Hash Name String" in the IANA registry are always such that they can be directly used in URLs without encoding. RFC 6920, section 9.4, didn't seem to specify any restriction, but text if the rest of that RFC (that I'm not really familiar with) seems to suggest/indicate that they use a restricted character set and hence are safe to directly embed. Thanks, Rob
- [OAUTH-WG] Robert Wilton's No Objection on draft-… Robert Wilton via Datatracker
- Re: [OAUTH-WG] Robert Wilton's No Objection on dr… Mike Jones