Re: [OAUTH-WG] review: draft-ietf-oauth-json-web-token-05

Mike Jones <Michael.Jones@microsoft.com> Sat, 29 December 2012 01:11 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: Jeff Hodges <Jeff.Hodges@kingsmountain.com>, Nat Sakimura <sakimura@gmail.com>
Date: Sat, 29 Dec 2012 01:11:49 +0000
Cc: IETF oauth WG <oauth@ietf.org>

I found the X.1252 definition.  It is:

6.18 claim [b-OED]: To state as being the case, without being able to give proof.

That seems both a bit vague, and actually incorrect, as the JWT may include proof of the veracity of the claim.  Please see the updated JWT draft for a hopefully more useful “Claim” definition.

                                                            Best wishes,
                                                            -- Mike

From: Mike Jones
Sent: Sunday, December 23, 2012 1:03 PM
To: Jeff Hodges; Nat Sakimura
Cc: IETF oauth WG
Subject: RE: [OAUTH-WG] review: draft-ietf-oauth-json-web-token-05

What is the X.1252 definition?

-- Mike

From: Nat Sakimura
Sent: December 23, 2012 10:09 AM
To: =JeffH
CC: Mike Jones, IETF oauth WG
Subject: Re: [OAUTH-WG] review: draft-ietf-oauth-json-web-token-05

Re definition of 'claim', as JWT is supposed to be generic, it may be
better to go with the definition of X.1252 rather than OIDC.

=nat via iPhone

On Dec 24, 2012, at 2:42, =JeffH <Jeff.Hodges@kingsmountain.com> wrote:

>
> > Thanks for the replies, Jeff.  They make sense.  Particularly, thanks for
> > the "JSON Text Object" suggestion.
>
> welcome, glad they made some sense.
>
> similarly, if one employs JSON arrays, I'd define a "JSON text array".
>
>
> > For the "claims" definition, I'm actually prone to go with definitions based
> > on those in
> > http://openid.net/specs/openid-connect-messages-1_0-13.html#terminology -
> > specifically:
> >
> > Claim
> > A piece of information about an Entity that a Claims Provider asserts about
> > that Entity.
> > Claims Provider
> > A system or service that can return Claims about an Entity.
> > End-User
> > A human user of a system or service.
> > Entity
> > Something that has a separate and distinct existence and that can be
> > identified in context. An End-User is one example of an Entity.
>
> well, it seems to me, given the manner in which the JWT spec is written, one can make the case that JWT claims in general aren't necessarily about an Entity (as the latter term is used in the context of the OpenID Connect specs), rather they're in general simply assertions about something(s). this is because all pre-defined JWT claim types are optional and all JWT semantics are left up to specs that profile (aka re-use) the JWT spec.
>
> HTH,
>
> =JeffH