Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-introspection-04.txt

"Richer, Justin P." <jricher@mitre.org> Wed, 24 December 2014 15:01 UTC

Return-Path: <jricher@mitre.org>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 769F71A8A7B for <oauth@ietfa.amsl.com>; Wed, 24 Dec 2014 07:01:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I1Uc7bGAFEBl for <oauth@ietfa.amsl.com>; Wed, 24 Dec 2014 07:01:17 -0800 (PST)
Received: from smtpvbsrv1.mitre.org (smtpvbsrv1.mitre.org [198.49.146.234]) by ietfa.amsl.com (Postfix) with ESMTP id CC1801A8A7A for <oauth@ietf.org>; Wed, 24 Dec 2014 07:01:16 -0800 (PST)
Received: from smtpvbsrv1.mitre.org (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id E029A72E023; Wed, 24 Dec 2014 10:01:15 -0500 (EST)
Received: from IMCCAS04.MITRE.ORG (imccas04.mitre.org [129.83.29.81]) by smtpvbsrv1.mitre.org (Postfix) with ESMTP id D102F72E00D; Wed, 24 Dec 2014 10:01:15 -0500 (EST)
Received: from IMCMBX01.MITRE.ORG ([169.254.1.143]) by IMCCAS04.MITRE.ORG ([129.83.29.81]) with mapi id 14.03.0174.001; Wed, 24 Dec 2014 10:01:15 -0500
From: "Richer, Justin P." <jricher@mitre.org>
To: Thomas Broyer <t.broyer@gmail.com>
Thread-Topic: [OAUTH-WG] I-D Action: draft-ietf-oauth-introspection-04.txt
Thread-Index: AQHQHto2m+EA/K/3q0afSMLS15gPipydy1qAgACrSciAALRlgA==
Date: Wed, 24 Dec 2014 15:01:13 +0000
Message-ID: <E1B297BE-0845-4735-B71C-54D723774C45@mitre.org>
References: <20141223175920.640.76803.idtracker@ietfa.amsl.com> <DCE1C662-E785-4068-8547-D6D47BAB7F6A@mitre.org> <CAEayHEOcFDCwvHdRCrxy63mJ-bmQ3pMZHtp4DbLfZV9qxD2R0Q@mail.gmail.com>
In-Reply-To: <CAEayHEOcFDCwvHdRCrxy63mJ-bmQ3pMZHtp4DbLfZV9qxD2R0Q@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.146.15.76]
Content-Type: multipart/alternative; boundary="_000_E1B297BE08454735B71C54D723774C45mitreorg_"
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/9jnl-meJYTmijqI-X0UqijXB1JE
Cc: "<oauth@ietf.org>" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-introspection-04.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Dec 2014 15:01:19 -0000

Thanks for the review, especially of the new text.

The "Following is a non-normative example" text is, in all cases, actually a preamble attached to the diagram/example section. In the plain text it renders as a separate paragraph, which is why it might look odd there.

I've removed the line wrapping comments in my working draft -- those were left over from previous examples, thanks for catching that. It's a small change that will get rolled up with whatever shepherd/AD comments come in at the next stage.

 -- Justin

On Dec 24, 2014, at 4:15 AM, Thomas Broyer <t.broyer@gmail.com<mailto:t.broyer@gmail.com>> wrote:


Hi,

A couple editorial remarks:

When introducing the first 2 examples, maybe merge the two paragraphs, starting with "The following non-normative example shows …".

Similarly, you talk about line wraps for display purpose but the examples don't need/use wrapping.

Other than that, ready to go to the RFC state if you ask me.

Le mar. 23 déc. 2014 19:02, Richer, Justin P. <jricher@mitre.org<mailto:jricher@mitre.org>> a écrit :
This draft makes two changes:

 - Removal of the "resource_id" input parameter, whose purpose has been largely supplanted by requiring authorization to call the introspection endpoint. I also don't know of any implementations that make use of this parameter. If there's later consensus on defining more context on the way in, we can easily have an extension for that.

 - Re-shuffling of the examples out of an appendix and into the sections that they represent; it reads better this way.

 -- Justin

On Dec 23, 2014, at 12:59 PM, <internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>> <internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>> wrote:

>
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Web Authorization Protocol Working Group of the IETF.
>
>        Title           : OAuth 2.0 Token Introspection
>        Author          : Justin Richer
>       Filename        : draft-ietf-oauth-introspection-04.txt
>       Pages           : 13
>       Date            : 2014-12-23
>
> Abstract:
>   This specification defines a method for a protected resource to query
>   an OAuth 2.0 authorization server to determine the active state of an
>   OAuth 2.0 token and to determine meta-information about this token.
>   OAuth 2.0 deployments can use this method to convey information about
>   the authorization context of the token from the authorization server
>   to the protected resource.
>
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-oauth-introspection/
>
> There's also a htmlized version available at:
> http://tools.ietf.org/html/draft-ietf-oauth-introspection-04
>
> A diff from the previous version is available at:
> http://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-introspection-04
>
>
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org<http://tools.ietf.org/>.
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org<mailto:OAuth@ietf.org>
> https://www.ietf.org/mailman/listinfo/oauth

_______________________________________________
OAuth mailing list
OAuth@ietf.org<mailto:OAuth@ietf.org>
https://www.ietf.org/mailman/listinfo/oauth