[OAUTH-WG] JWT BCP draft adding Nested JWT guidance

Mike Jones <Michael.Jones@microsoft.com> Fri, 23 March 2018 11:20 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/e9M-GoWApt8wojfm9y-nkeNNG_s>

The JSON Web Token (JWT) Best Current Practices (BCP) specification has been updated to add guidance on how to explicitly type Nested JWTs.  Thanks to Brian Campbell for suggesting the addition.

The specification is available at:

  *   https://tools.ietf.org/html/draft-ietf-oauth-jwt-bcp-01

An HTML-formatted version is also available at:

  *   http://self-issued.info/docs/draft-ietf-oauth-jwt-bcp-01.html

                                                       -- Mike

P.S. This notice was also posted at http://self-issued.info/?p=1801 and as @selfissued<https://twitter.com/selfissued>.