[OAUTH-WG] OAuth Authorization Server Metadata spec incorporating WGLC feedback

Mike Jones <Michael.Jones@microsoft.com> Sat, 11 March 2017 02:07 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/I4nm9UDdt4b8x3JKtLrYz8u-sI0>

The OAuth Authorization Server Metadata specification has been updated to incorporate the working group last call feedback received.  Thanks to William Denniss and Hannes Tschofenig for their reviews.  Use of the "https" scheme for the "jwks_uri" URL is now required.  The precedence of signed metadata values over unsigned values was clarified.  Unused references were removed.

The specification is available at:

* https://tools.ietf.org/html/draft-ietf-oauth-discovery-06

An HTML-formatted version is also available at:

* http://self-issued.info/docs/draft-ietf-oauth-discovery-06.html

-- Mike

P.S.  This notice was also posted at http://self-issued.info/?p=1655 and as @selfissued<https://twitter.com/selfissued>.
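
An added illustration, not part of the message above and not code from the specification: a metadata consumer that applies the two changes the announcement names, letting values from a verified "signed_metadata" JWT override the plain JSON values and then rejecting any "jwks_uri" that is not "https". The HS256 shared key, the function names and the as.example sample document are assumptions made so the example runs on the Python standard library alone.

```python
import base64, hashlib, hmac, json
from urllib.parse import urlsplit
# Assumption: HS256 with a shared key stands in for the JWS algorithm a deployment trusts.

def _enc(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _dec(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _mac(key: bytes, signing_input: str) -> bytes:
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def sign_hs256(claims: dict, key: bytes) -> str:
    """Build a compact JWS; used here only to construct the sample input."""
    signing_input = _enc(b'{"alg":"HS256"}') + "." + _enc(json.dumps(claims).encode())
    return signing_input + "." + _enc(_mac(key, signing_input))

def verify_hs256(token: str, key: bytes) -> dict:
    """Return the claims of a valid token; raise ValueError otherwise."""
    head, body, sig = token.split(".")  # wrong part count raises ValueError
    if json.loads(_dec(head)) != {"alg": "HS256"}:  # pin the algorithm, reject "none"
        raise ValueError("unexpected JWS header")
    if not hmac.compare_digest(_mac(key, head + "." + body), _dec(sig)):
        raise ValueError("signed_metadata signature check failed")
    claims = json.loads(_dec(body))
    if not isinstance(claims, dict):
        raise ValueError("signed_metadata payload is not a JSON object")
    return claims

def effective_metadata(doc: dict, key: bytes) -> dict:
    """Merge verified signed values over unsigned ones, then check jwks_uri."""
    merged = dict(doc)
    token = merged.pop("signed_metadata", None)
    if token is not None:
        merged.update(verify_hs256(token, key))  # signed values take precedence
        merged.pop("signed_metadata", None)       # never keep a nested token
    jwks = merged.get("jwks_uri")
    if jwks is not None and (not isinstance(jwks, str) or urlsplit(jwks).scheme != "https"):
        raise ValueError(f"jwks_uri must use the https scheme: {jwks!r}")
    return merged

# Constructed sample: the unsigned jwks_uri is http, the signed one is https.
KEY = b"constructed-demo-key"
SAMPLE = {
    "issuer": "https://as.example",
    "jwks_uri": "http://as.example/jwks",
    "signed_metadata": sign_hs256({"jwks_uri": "https://as.example/jwks"}, KEY),
}
```

The scheme check runs on the merged result, so an unsigned "http" value is harmless only when a verified signed value replaces it; a document without valid signed metadata is rejected outright.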