Re: [OAUTH-WG] WGLC for OAuth 2.0 Protected Resource Metadata

Brian Campbell <bcampbell@pingidentity.com> Tue, 02 April 2024 21:46 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/2nbw2NDVy91XidNGpNkdD8VuBOo>

I've had questions similar to Vladimir's* and do still think that some
additional context or clarification or something in the document would be
helpful.

* https://mailarchive.ietf.org/arch/msg/oauth/LA6sqNOV98D7wP44p2Hl6dpSmtg/

On Thu, Mar 28, 2024 at 2:57 PM Vladimir Dzhuvinov <vladimir@connect2id.com>
wrote:

> I have a question about the parameters:
> resource_signing_alg_values_supported,
> resource_encryption_alg_values_supported,
> resource_encryption_enc_values_supported.
>
> I'm not sure how to interpret "content". Where the algorithms, if
> advertised, get to apply. Is this something that resources / applications
> will define, depending on the resource characteristics? If we take JWE for
> instance, it could be used for 3 things at least. To encrypt bearer JWTs to
> access the resource, in addition to encrypting request and response
> payloads.
>
> Vladimir
>
> On 27/03/2024 14:53, Rifaat Shekh-Yusef wrote:
>
> All,
>
> This is a *WG Last Call* for the *OAuth 2.0 Protected Resource Metadata*
> document.
> https://www.ietf.org/archive/id/draft-ietf-oauth-resource-metadata-03.html
>
> Please, review this document and reply on the mailing list if you have any
> comments or concerns, by *April 12*.
>
> Regards,
>   Rifaat & Hannes
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>
