Re: [OAUTH-WG] [Errata Verified] RFC7800 (6187)

Benjamin Kaduk <kaduk@mit.edu> Sun, 31 May 2020 04:09 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 516223A11AA; Sat, 30 May 2020 21:09:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gTi4ym7VWad2; Sat, 30 May 2020 21:09:39 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 520DE3A11A9; Sat, 30 May 2020 21:09:39 -0700 (PDT)
Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 04V49O4G023126 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 31 May 2020 00:09:26 -0400
Date: Sat, 30 May 2020 21:09:24 -0700
From: Benjamin Kaduk <kaduk@mit.edu>
To: Pete Resnick <resnick@episteme.net>
Cc: RFC Errata System <rfc-editor@rfc-editor.org>, mbj@microsoft.com, ve7jtb@ve7jtb.com, Hannes.Tschofenig@gmx.net, iesg@ietf.org, oauth@ietf.org
Message-ID: <20200531040924.GM58497@kduck.mit.edu>
References: <20200531013404.4528BF40721@rfc-editor.org> <AA62FB03-89F3-4931-AB7C-0BE281970A2E@episteme.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <AA62FB03-89F3-4931-AB7C-0BE281970A2E@episteme.net>
User-Agent: Mutt/1.12.1 (2019-06-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/2WfXa_amFyRsxckHvjQhhuO_cmU>
Subject: Re: [OAUTH-WG] [Errata Verified] RFC7800 (6187)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 31 May 2020 04:09:41 -0000

The new text is clearly the right thing, and there is no need
to debate it if/when the document gets updated.  "Don't hold
it; do it now", so to speak -- and noting that (my
understanding/recollection of) the plan for
https://www.rfc-editor.org/rfc/inline-errata/rfc7800.html is that only
verified errata, not those in other states, will be displayed.

(Yes, that link 404s at the moment, I assume a caching issue.)

-Ben

On Sat, May 30, 2020 at 10:55:01PM -0500, Pete Resnick wrote:
> "Verified", not "Hold For Document Update"?
> 
> pr
> 
> On 30 May 2020, at 20:34, RFC Errata System wrote:
> 
> > The following errata report has been verified for RFC7800,
> > "Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs)".
> >
> > --------------------------------------
> > You may review the report below and at:
> > https://www.rfc-editor.org/errata/eid6187
> >
> > --------------------------------------
> > Status: Verified
> > Type: Editorial
> >
> > Reported by: Pete Resnick <resnick@episteme.net>
> > Date Reported: 2020-05-26
> > Verified by: Benjamin Kaduk (IESG)
> >
> > Section: 7.1
> >
> > Original Text
> > -------------
> >    [JWK]      Jones, M., "JSON Web Key (JWK)", RFC 7517,
> >               DOI 10.17487/RFC7157, May 2015,
> >               <http://www.rfc-editor.org/info/rfc7517>.
> >
> >
> > Corrected Text
> > --------------
> >    [JWK]      Jones, M., "JSON Web Key (JWK)", RFC 7517,
> >               DOI 10.17487/RFC7517, May 2015,
> >               <http://www.rfc-editor.org/info/rfc7517>.
> >
> >
> > Notes
> > -----
> > DOI has a typo: 7157 instead of 7517.
> >
> > --------------------------------------
> > RFC7800 (draft-ietf-oauth-proof-of-possession-11)
> > --------------------------------------
> > Title               : Proof-of-Possession Key Semantics for JSON Web 
> > Tokens (JWTs)
> > Publication Date    : April 2016
> > Author(s)           : M. Jones, J. Bradley, H. Tschofenig
> > Category            : PROPOSED STANDARD
> > Source              : Web Authorization Protocol
> > Area                : Security
> > Stream              : IETF
> > Verifying Party     : IESG
> 
> 
> -- 
> Pete Resnick https://www.episteme.net/
> All connections to the world are tenuous at best