[OAUTH-WG] Fwd: I-D Action: draft-ietf-oauth-token-exchange-07.txt

Brian Campbell <bcampbell@pingidentity.com> Wed, 11 January 2017 19:05 UTC

Return-Path: <bcampbell@pingidentity.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A508E129D76 for <oauth@ietfa.amsl.com>; Wed, 11 Jan 2017 11:05:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.44
X-Spam-Level:
X-Spam-Status: No, score=-2.44 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTML_OBFUSCATE_05_10=0.26, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pingidentity.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NxQ7vlDTDgkS for <oauth@ietfa.amsl.com>; Wed, 11 Jan 2017 11:05:23 -0800 (PST)
Received: from mail-io0-x232.google.com (mail-io0-x232.google.com [IPv6:2607:f8b0:4001:c06::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 342E712996C for <oauth@ietf.org>; Wed, 11 Jan 2017 11:05:23 -0800 (PST)
Received: by mail-io0-x232.google.com with SMTP id v96so736739ioi.0 for <oauth@ietf.org>; Wed, 11 Jan 2017 11:05:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=gmail; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=VnfFEUtvm80dReh1uwpV7NM/vVHPtGomT1Pew0yDE0k=; b=IHqJ0k8fTw/cej5vNhgXTN3BMwoaU95Q2QiyK4NfMYCQktB+hYuZIV4pZg54AtPZ+m XQSdGWu2/4jLNeDQvwdYmDtuqp6Fqx7gqR8VWE5qy8+9xTdmMsx7M9S5NsVr8R/Yrtqb 3LOfcW4RIBVuu2bJdg7hnT+bm/p2sKR8xCN+0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=VnfFEUtvm80dReh1uwpV7NM/vVHPtGomT1Pew0yDE0k=; b=dg6zMmFWx7HLVqV8NWpgg6C0e+nPJPZjzH9I81IiNbhN5WBw17Cx5i8sbSL0oHauzW 6PztpxHDYJDn3MSgNLgs3q642ivZjgzPk+rwuWxifAS0z8OApm6igzCLmiHjb82uy58h q9c/wzMp1JIngTAZ4MrkKBDQ56PWlaoUDxCg7e54RUn9XG1xaskWkJzX1/tQFRRc4CtM VnWv1Tb77FuwWUA3KeoXR8FdctA9l5ueOTUtriVeVey7W8xcEZ8WwVwCobFhNBCSMgNu bTQhySepJOnUpsPlgHnn1nj7ECtN5ho8LGkuU2H8V6zQNnC7Zr1lUJ4CkyonN0TbeyDt z8iw==
X-Gm-Message-State: AIkVDXJYhKtwZ0T93eu9gj2UtB8LN+oWuROE8EMeKKHKkYMW45pobarLdKA23nNUVBYy2Pej7UllY/74OGRICH9j
X-Received: by 10.107.181.213 with SMTP id e204mr9715885iof.156.1484161522164; Wed, 11 Jan 2017 11:05:22 -0800 (PST)
MIME-Version: 1.0
Received: by 10.79.31.5 with HTTP; Wed, 11 Jan 2017 11:04:51 -0800 (PST)
In-Reply-To: <148416124213.8244.5842562779051799977.idtracker@ietfa.amsl.com>
References: <148416124213.8244.5842562779051799977.idtracker@ietfa.amsl.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Wed, 11 Jan 2017 12:04:51 -0700
Message-ID: <CA+k3eCTE1NM90QcZRFR0jATCqdeJWyTRUb6Ryp52n9FRg6aGpA@mail.gmail.com>
To: oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary=001a11444e645181430545d648cc
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/3sDUnPwcK7Znl3VkPB0RoQIN-mo>
Subject: [OAUTH-WG] Fwd: I-D Action: draft-ietf-oauth-token-exchange-07.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Jan 2017 19:05:24 -0000

Draft -07 of "OAuth 2.0 Token Exchange" has been published. The primary
change in -07 is the addition of a description of the relationship between
audience/resource/scope, which was a request or comment that came up during
the f2f meeting in Seoul.

Excerpted from the Document History:

   -07

   o  Fixed typo (desecration -> discretion).
   o  Added an explanation of the relationship between scope, audience
      and resource in the request and added an "invalid_target" error
      code enabling the AS to tell the client that the requested
      audiences/resources were too broad.


---------- Forwarded message ----------
From: <internet-drafts@ietf.org>
Date: Wed, Jan 11, 2017 at 12:00 PM
Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-token-exchange-07.txt
To: i-d-announce@ietf.org
Cc: oauth@ietf.org



A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Web Authorization Protocol of the IETF.

        Title           : OAuth 2.0 Token Exchange
        Authors         : Michael B. Jones
                          Anthony Nadalin
                          Brian Campbell
                          John Bradley
                          Chuck Mortimore
        Filename        : draft-ietf-oauth-token-exchange-07.txt
        Pages           : 31
        Date            : 2017-01-11

Abstract:
   This specification defines a protocol for an HTTP- and JSON- based
   Security Token Service (STS) by defining how to request and obtain
   security tokens from OAuth 2.0 authorization servers, including
   security tokens employing impersonation and delegation.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-token-exchange/

There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-07

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-token-exchange-07


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth