Re: [OAUTH-WG] Murray Kucherawy's No Objection on draft-ietf-oauth-rar-19: (with COMMENT)
Torsten Lodderstedt <torsten@lodderstedt.net> Thu, 15 December 2022 09:37 UTC
Return-Path: <torsten@lodderstedt.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 23F2FC14CE43 for <oauth@ietfa.amsl.com>; Thu, 15 Dec 2022 01:37:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lodderstedt.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5MrPv3L8LRIW for <oauth@ietfa.amsl.com>; Thu, 15 Dec 2022 01:37:26 -0800 (PST)
Received: from mail-wr1-x42e.google.com (mail-wr1-x42e.google.com [IPv6:2a00:1450:4864:20::42e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 95B47C14F718 for <oauth@ietf.org>; Thu, 15 Dec 2022 01:37:26 -0800 (PST)
Received: by mail-wr1-x42e.google.com with SMTP id w15so2397411wrl.9 for <oauth@ietf.org>; Thu, 15 Dec 2022 01:37:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lodderstedt.net; s=google; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=t3qBeZU4UV++Kuc+ycxJTMHrJn58JpdPBG9y2grJaW8=; b=TcuuQWKkSAHvvTAV5LyWYPbIwMItgSVDFW6d/xnuliaJjfF75ORdq0tzyG9Uj9XSx5 b1TMK2tm16B76C6irwpiB0pHtx17UKlIYQZ3oN3bf+qwHrBnjBbeqWWgAMlotDT9vXyw PnwAxvDsXxMm2TbF8x+zSDbr2NlI9cGuziX4Z8X3y2Pp3OE55QZ3f+hDyCXW/Nj/mBKz IykAHp8SZVXpSyD7ZIMg/O34mMfsBEMss1pEX2NzS+YcQMEecWeg/e3gPR1G91xmaJNd cjb2iPrNZ7DSjoGHxPk2ovoC7oB/lROZ/WWAOwDFlnw3Wuic9qVQaf8HUjKyZGJ9wg2c eejg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=t3qBeZU4UV++Kuc+ycxJTMHrJn58JpdPBG9y2grJaW8=; b=WHHZw3f1y8pvwQ/n3ZtcCUr687dG5gx/iguPZTJiVag2DzZS5won3akIj3diMrFflH Q+LcqXtO2Uu39zyzvPBlQ2mokXCdpwvBau52VtUukqsU7IGVblsAS5HpQO7UjYP5CLd3 I0zli/A9NJY6UKaIdzqfOdvCA0GaGB5jCdmJWQM/1yDvdZQ5wRQjFPr+7f3zc4R8TgVE 0BnPL87INw72BAwZapVUKZefL/b/PWPsOTXW9s+gLtHl1G4jMYTply1F5PZSWMKMaf8J K5v9COKocZPA6xjNFZgLwPFWiDabdmqEP6rT2DxKx1DPPXgCvkwCYx58zPpM+Yw269WJ 9M3g==
X-Gm-Message-State: ANoB5pnQj6HQPHJ/8TM6oXgwwPrdueOSOb3zK4cC6gWjVclCkXLvWS3L tedraKoqptComhSN4avByIa/rA==
X-Google-Smtp-Source: AA0mqf6yyIkmnVN0tJd2Cl9/fx0XENwEvHxVKO11+0MDaq7SJ4L3rANCVWjm7lLOoO/dXXz+3KJPRQ==
X-Received: by 2002:a5d:4f92:0:b0:242:18c5:7899 with SMTP id d18-20020a5d4f92000000b0024218c57899mr19630115wru.61.1671097044905; Thu, 15 Dec 2022 01:37:24 -0800 (PST)
Received: from smtpclient.apple ([46.183.103.8]) by smtp.gmail.com with ESMTPSA id x5-20020a5d6b45000000b002302dc43d77sm5450972wrw.115.2022.12.15.01.37.23 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 15 Dec 2022 01:37:24 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
From: Torsten Lodderstedt <torsten@lodderstedt.net>
In-Reply-To: <167109327957.48477.11857277283294151354@ietfa.amsl.com>
Date: Thu, 15 Dec 2022 10:37:19 +0100
Cc: The IESG <iesg@ietf.org>, draft-ietf-oauth-rar@ietf.org, oauth-chairs@ietf.org, oauth <oauth@ietf.org>, hannes.tschofenig@arm.com, Hannes Tschofenig <Hannes.Tschofenig@gmx.net>
Content-Transfer-Encoding: quoted-printable
Message-Id: <632389C7-FAF8-486A-B6FA-BC3F08C64B0F@lodderstedt.net>
References: <167109327957.48477.11857277283294151354@ietfa.amsl.com>
To: Murray Kucherawy <superuser@gmail.com>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/517PtxCHHCrD28JM4aMIsIzxugA>
Subject: Re: [OAUTH-WG] Murray Kucherawy's No Objection on draft-ietf-oauth-rar-19: (with COMMENT)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Dec 2022 09:37:30 -0000
Hi Murray, thanks for you review. I updated the draft based on it and submitted -20 Here is the diff https://author-tools.ietf.org/iddiff?difftype=--hwdiff&url2=draft-ietf-oauth-rar-20.txt > Am 15.12.2022 um 09:34 schrieb Murray Kucherawy via Datatracker <noreply@ietf.org>: > > Murray Kucherawy has entered the following ballot position for > draft-ietf-oauth-rar-19: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ > for more information about how to handle DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-oauth-rar/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Thanks for the work put into this. Seems like it's in good shape. > > Thank you to Thomas Fossati for the ARTART review. > > "MUST consider" in Section 3.1 is curious. How does an implementation comply > with something like "consider"? Good point, what we want to get across is that the AS must not ignore any of the requirements defined in a scope or authorization details parameter if both are present in the authorisation request. Changed it to „process". > > Why is the "RECOMMENDED" in Section 9.1 not a MUST? The text in Section 9 just > above it suggest something stronger. The AS is free to choose the format and representation of the data. It is not required to use the authorization details structure, it can transform and filter it. > > In Section 7.1, I can't understand what's meant by "This mechanic ...". Changed it to „This example“. best regards, Torsten. > > >
- [OAUTH-WG] Murray Kucherawy's No Objection on dra… Murray Kucherawy via Datatracker
- Re: [OAUTH-WG] Murray Kucherawy's No Objection on… Torsten Lodderstedt