Re: [OAUTH-WG] Genart last call review of draft-ietf-oauth-access-token-jwt-11

Vittorio Bertocci <vittorio.bertocci@auth0.com> Sat, 20 February 2021 08:42 UTC

Return-Path: <vittorio.bertocci@auth0.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D01D53A0CC3 for <oauth@ietfa.amsl.com>; Sat, 20 Feb 2021 00:42:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=auth0.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9V3wyISpWskT for <oauth@ietfa.amsl.com>; Sat, 20 Feb 2021 00:42:14 -0800 (PST)
Received: from mail-pl1-x630.google.com (mail-pl1-x630.google.com [IPv6:2607:f8b0:4864:20::630]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 85D4E3A0CBA for <oauth@ietf.org>; Sat, 20 Feb 2021 00:42:14 -0800 (PST)
Received: by mail-pl1-x630.google.com with SMTP id y3so1467572plg.4 for <oauth@ietf.org>; Sat, 20 Feb 2021 00:42:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=auth0.com; s=google; h=from:to:cc:subject:thread-topic:thread-index:date:message-id :references:in-reply-to:accept-language:content-language :content-transfer-encoding:mime-version; bh=k9/zDVKvodQU1DSWMN4QOEjJjQ7/o/PoyvBi6i0eRms=; b=NSvBtzrvT4Agqb1KPCc6tK5+eJDUk2ZQoouSgOcYSy5OToMCT84e2m5UgUXmcS90OZ eI7ezQFdO+98CjFXDIkqezM0ODH4weBsVlhPB3Z+ZVruhRiuAwNxf3y+q5tNdGBA1mdw yTuwGFtY6yyiJG9QRYs4O2+eq/xhl5VOw/g7W9nZOAzd0jNc9l+8Nd+Vf8HhRdU/0Q1t ng1vFvF4FWyDctckZNcz8lRpCVZziaSR/6Zi+LY9cbgAy8BW39BoBo8saQvMO3lc9mb9 ETPda7cZl1rUF0cckwNtWk9X3WPPA8XP/tF9tX+zmT73y+PgmajNXkLyItbpqYLGHxmr 1Pzg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:thread-topic:thread-index :date:message-id:references:in-reply-to:accept-language :content-language:content-transfer-encoding:mime-version; bh=k9/zDVKvodQU1DSWMN4QOEjJjQ7/o/PoyvBi6i0eRms=; b=Q9wH62m8RHXrJg51riJGHmXr86+LTaZCTsPpRye8s+NKABAgnVYrCaL5swTJ43BBuO TO8UlgPdGjD+sXvtbaD2Ob4GcEff8ABPB+MCDVBaigdel5kUmdItGJkgJi1ojDSGu6pl UsfkYFDNoh6yA5TyEGuRkandzTuxUhmTM4ZdO958uxYbWzcyAl3NoIDZazJJ6O+haODj xA0ElBQoZIK/uf0uvEnqhgnVZvs/6ut/NjQSohlLEGkvRGXK/HiNV/t3bjKf0Aoy8g9t WqtQKacHWkA4v57JGzBP55roTl6oKTmraJHUKiiZBrPbBiGWToq2H5mdu8KW6LoCxun9 C7HQ==
X-Gm-Message-State: AOAM532WsLo7vA6Q9+qgts8vMNG60PzHoFkCXUiBz8ocrQictUwwnlQT Fwj69Tn7YZuDWgdFa1Dr9Nskpw==
X-Google-Smtp-Source: ABdhPJyW/u4kCQlTceUBS8D88mAu5c26b0dRwUirs2fjcoxZl7ogwgLEgNeBxyHBSeLHJ3Wpn+iBnw==
X-Received: by 2002:a17:90a:4a84:: with SMTP id f4mr13332048pjh.231.1613810533816; Sat, 20 Feb 2021 00:42:13 -0800 (PST)
Received: from CO6PR18MB4052.namprd18.prod.outlook.com ([2603:1036:301:402a::5]) by smtp.gmail.com with ESMTPSA id c17sm10636552pjq.17.2021.02.20.00.42.12 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sat, 20 Feb 2021 00:42:12 -0800 (PST)
From: Vittorio Bertocci <vittorio.bertocci@auth0.com>
To: Roni Even <ron.even.tlv@gmail.com>, "gen-art@ietf.org" <gen-art@ietf.org>
CC: "draft-ietf-oauth-access-token-jwt.all@ietf.org" <draft-ietf-oauth-access-token-jwt.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: Genart last call review of draft-ietf-oauth-access-token-jwt-11
Thread-Index: ATg3Mzc4TJWLG/uoaKyYMhd/r5rdbr2gYiCC
X-MS-Exchange-MessageSentRepresentingType: 1
Date: Sat, 20 Feb 2021 08:42:11 +0000
Message-ID: <CO6PR18MB40529A85BD7F69FD70EF0B19AE839@CO6PR18MB4052.namprd18.prod.outlook.com>
References: <161269010849.30071.8142300590273121238@ietfa.amsl.com>
In-Reply-To: <161269010849.30071.8142300590273121238@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-Exchange-Organization-SCL: -1
X-MS-TNEF-Correlator:
X-MS-Exchange-Organization-RecordReviewCfmType: 0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/vXNmwWskxI1Mznj89QTzXIPsDuU>
Subject: Re: [OAUTH-WG] Genart last call review of draft-ietf-oauth-access-token-jwt-11
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Feb 2021 08:42:16 -0000

Thank you Roni,
Great catch! I made those two client_id values consistent, the change will appear in 12.
Thanks
V.


On 2/7/21, 01:28, "Roni Even via Datatracker" <noreply@ietf.org> wrote:

    Reviewer: Roni Even
    Review result: Ready with Nits
    
    I am the assigned Gen-ART reviewer for this draft. The General Area
    Review Team (Gen-ART) reviews all IETF documents being processed
    by the IESG for the IETF Chair.  Please treat these comments just
    like any other last call comments.
    
    For more information, please see the FAQ at
    
    <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.
    
    Document: draft-ietf-oauth-access-token-jwt-??
    Reviewer: Roni Even
    Review Date: 2021-02-07
    IETF LC End Date: 2021-02-09
    IESG Telechat date: Not scheduled for a telechat
    
    Summary:
    The document is ready for publication as a standard track RFC with nit
    
    Major issues:
    
    Minor issues:
    
    Nits/editorial comments:
    In section 3 the get example has client_id as s6BhdRkqt3 and the claims has s6BhdRkqt3_