[OAUTH-WG] JWT BCP updates addressing WGLC feedback
Mike Jones <Michael.Jones@microsoft.com> Thu, 10 May 2018 00:02 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 377DF126C19
for <oauth@ietfa.amsl.com>; Wed, 9 May 2018 17:02:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.01
X-Spam-Level:
X-Spam-Status: No, score=-2.01 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001,
SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01]
autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key)
header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id WYZgH06bX0f8 for <oauth@ietfa.amsl.com>;
Wed, 9 May 2018 17:02:33 -0700 (PDT)
Received: from NAM02-SN1-obe.outbound.protection.outlook.com
(mail-sn1nam02on0129.outbound.protection.outlook.com [104.47.36.129])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 2E7B0124234
for <oauth@ietf.org>; Wed, 9 May 2018 17:02:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
bh=VqHVs0n+HcDArarLn7jmHkwxVcU7hf6H1Je3q7wSq/Q=;
b=AfNgbOrAEq/K2JhGtForzFkRjswbt3dw5Q4TRatfUf8RFc2fVT7RkNpcbzqIzEYwAjEyDsY2Zj9FPWVBjQRmudtheD4RBkrLpDF2Z8Vpz4R316L1j7bVsPUcEXiNBKfNY9YkM0ZhypgdEwDFbj8cYAeq8QQ03+csWmFhGu0p6C4=
Received: from SN6PR00MB0304.namprd00.prod.outlook.com (2603:10b6:805:b::30)
by SN6PR00MB0366.namprd00.prod.outlook.com (2603:10b6:805:c::21) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.793.0; Thu, 10 May
2018 00:02:31 +0000
Received: from SN6PR00MB0304.namprd00.prod.outlook.com
([fe80::78c2:1262:2203:b29]) by SN6PR00MB0304.namprd00.prod.outlook.com
([fe80::78c2:1262:2203:b29%4]) with mapi id 15.20.0796.000; Thu, 10 May 2018
00:02:31 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: JWT BCP updates addressing WGLC feedback
Thread-Index: AdPn8AGpcsWKiWuLTiCXCDaJYzjVyw==
Date: Thu, 10 May 2018 00:02:31 +0000
Message-ID: <SN6PR00MB03044DD73EAEF9BBDF7B2609F5980@SN6PR00MB0304.namprd00.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True;
MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47;
MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Owner=mbj@microsoft.com;
MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2018-05-10T00:02:29.4699672Z;
MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=General;
MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application=Microsoft Azure
Information Protection;
MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method=Automatic;
Sensitivity=General
x-originating-ip: [2001:4898:80e8:b::145]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; SN6PR00MB0366;
7:5C9BHEalPaZqsRe3SrrtAXapgeTWInwsx8oO+OfY0VYqMUY9gWrsRmN1DzNv8XCfk0Zar8083u8Ym5nzDME68EvP0uGj9DWrYwk5e5Azk21wLv4/x2axg82KTa6taIC/n+/aTZLUERpr09HH8aYEs4Bl4esXmQoXgpfSPCFYhMK4zAoTz+F54MHBhOmtCsRR6BxpAVEzSS6sCv822k+CxxpfR3ubcXj8VVKIZhIxvAJNcPapRTyCzOubzsPmCsb1;
20:vWPWq/q6R9Ly0MYEynft7/CnDIH6MX0d8J6NHvacha6+ThBtA8JNM2ssixs4jCO4pblkHmMnvTApsXp1GMHHmagZwrvsUbOfb0/kMWOx4dOb6+D3o2JSNs+0liH6NdEmf6cTjhxDJO7UpfkrA14EkaMjHEuAoip6kEJZEwx5bVM=
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0;
RULEID:(7020095)(4652020)(5600026)(4534165)(4627221)(201703031133081)(201702281549075)(48565401081)(2017052603328)(7193020);
SRVR:SN6PR00MB0366;
x-ms-traffictypediagnostic: SN6PR00MB0366:
x-microsoft-antispam-prvs: <SN6PR00MB0366063CD0FDE7509C695EA1F5980@SN6PR00MB0366.namprd00.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(28532068793085)(31418570063057)(21748063052155);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0;
RULEID:(8211001083)(2017102700009)(2017102701064)(6040522)(2401047)(8121501046)(5005006)(2017102702064)(20171027021009)(20171027022009)(20171027023009)(20171027024009)(20171027025009)(20171027026009)(2017102703076)(3002001)(10201501046)(93006095)(93001095)(3231254)(2018427008)(944501410)(52105095)(6055026)(149027)(150027)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(20161123564045)(20161123560045)(20161123558120)(6072148)(201708071742011);
SRVR:SN6PR00MB0366; BCL:0; PCL:0; RULEID:; SRVR:SN6PR00MB0366;
x-forefront-prvs: 066898046A
x-forefront-antispam-report: SFV:NSPM;
SFS:(10019020)(979002)(396003)(366004)(39380400002)(346002)(376002)(39860400002)(209900001)(189003)(199004)(105586002)(1730700003)(86362001)(86612001)(14454004)(2351001)(486006)(5250100002)(476003)(97736004)(236005)(52396003)(22452003)(2501003)(53936002)(8676002)(68736007)(72206003)(5640700003)(6116002)(2906002)(46003)(81166006)(81156014)(10290500003)(790700001)(9686003)(5630700001)(7696005)(7736002)(99286004)(25786009)(21615005)(3280700002)(478600001)(316002)(59450400001)(5660300001)(3660700001)(186003)(6346003)(74316002)(53376002)(6506007)(966005)(6306002)(2900100001)(55016002)(8936002)(10090500001)(106356001)(102836004)(6916009)(2420400007)(33656002)(606006)(6436002)(54896002)(7110500001)(15650500001)(8990500004)(217873001)(6606295002)(969003)(989001)(999001)(1009001)(1019001);
DIR:OUT; SFP:1102; SCL:1; SRVR:SN6PR00MB0366;
H:SN6PR00MB0304.namprd00.prod.outlook.com; FPR:; SPF:None; LANG:en;
PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate
permitted sender hosts)
authentication-results: spf=none (sender IP is )
smtp.mailfrom=Michael.Jones@microsoft.com;
x-microsoft-antispam-message-info: tcXDhoIDiec/Xv9HbrrodCMcGve5993XxQ2wibOgzPajlP8PIuxwu305/Jtyvv15KdU1oPpfJ853kFMA1krjmSn25SEaiBJ3cTE0VYCzWhhVlNhuEGQeAaklO7HfLafugVai0EM/URsjPUxU36FLCTPips7cXF5YFIaqlNIfT9sEv2B6s9Yn29zWYIQXRG8+
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative;
boundary="_000_SN6PR00MB03044DD73EAEF9BBDF7B2609F5980SN6PR00MB0304namp_"
MIME-Version: 1.0
X-MS-Office365-Filtering-Correlation-Id: 50e2c5f3-cd25-46c3-35b7-08d5b6095392
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 50e2c5f3-cd25-46c3-35b7-08d5b6095392
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 May 2018 00:02:31.4654 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR00MB0366
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/m_WsjR0CebpUpNOdr3Nx-qYCn_o>
Subject: [OAUTH-WG] JWT BCP updates addressing WGLC feedback
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>,
<mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>,
<mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 May 2018 00:02:35 -0000
The JSON Web Token (JWT) Best Current Practices (BCP) specification has been updated to address the Working Group Last Call (WGLC) feedback received. Thanks to Neil Madden for his numerous comments and to Carsten Bormann and Brian Campbell for their reviews. Assuming the chairs concur, the next step should be to request publication. The specification is available at: * https://tools.ietf.org/html/draft-ietf-oauth-jwt-bcp-03 An HTML-formatted version is also available at: * http://self-issued.info/docs/draft-ietf-oauth-jwt-bcp-03.html -- Mike P.S. This notice was also posted at http://self-issued.info/?p=1847 and as @selfissued<https://twitter.com/selfissued>.