Re: [OAUTH-WG] RFC 7009
Justin Richer <jricher@mit.edu> Tue, 06 June 2017 16:12 UTC
Return-Path: <jricher@mit.edu>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E14A712940C for <oauth@ietfa.amsl.com>; Tue, 6 Jun 2017 09:12:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.715
X-Spam-Level:
X-Spam-Status: No, score=-2.715 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, SUBJ_ALL_CAPS=1.506] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gvI3zBIpUv4B for <oauth@ietfa.amsl.com>; Tue, 6 Jun 2017 09:12:12 -0700 (PDT)
Received: from dmz-mailsec-scanner-2.mit.edu (dmz-mailsec-scanner-2.mit.edu [18.9.25.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A382126C83 for <oauth@ietf.org>; Tue, 6 Jun 2017 09:12:12 -0700 (PDT)
X-AuditID: 1209190d-ec7ff70000006ed0-ea-5936d45ac7a0
Received: from mailhub-auth-1.mit.edu ( [18.9.21.35]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-2.mit.edu (Symantec Messaging Gateway) with SMTP id 6D.72.28368.A54D6395; Tue, 6 Jun 2017 12:12:10 -0400 (EDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-1.mit.edu (8.13.8/8.9.2) with ESMTP id v56GC9Jk013667; Tue, 6 Jun 2017 12:12:10 -0400
Received: from artemisia.richer.local (static-96-237-195-53.bstnma.fios.verizon.net [96.237.195.53]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id v56GC7Ui022212 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 6 Jun 2017 12:12:08 -0400
From: Justin Richer <jricher@mit.edu>
Message-Id: <FAF2C6DD-0A7A-4BE1-BDD3-E54B822CCD4D@mit.edu>
Content-Type: multipart/alternative; boundary="Apple-Mail=_668E2DCD-BEA2-4400-9CB5-521935C6C6D9"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Date: Tue, 06 Jun 2017 12:12:07 -0400
In-Reply-To: <CY4PR03MB2920241827103D122E9EC82085FF0@CY4PR03MB2920.namprd03.prod.outlook.com>
Cc: "<oauth@ietf.org>" <oauth@ietf.org>
To: Brig Lamoreaux <Brig.Lamoreaux@microsoft.com>
References: <CY4PR03MB2920241827103D122E9EC82085FF0@CY4PR03MB2920.namprd03.prod.outlook.com>
X-Mailer: Apple Mail (2.3273)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrHIsWRmVeSWpSXmKPExsUixCmqrBt1xSzS4HebtcWZZ7+ZLU6+fcXm wOSxZMlPJo/WHX/ZA5iiuGxSUnMyy1KL9O0SuDIa9+sU7PeuuDOlnbWB8aVTFyMHh4SAicTu GcZdjFwcQgKLmSTmHD/PAuFsYJSYe/I1E4TzgEliyfHzrF2MnBxsAqoS09e0MIHYvAJWEhNm zWQCmcQskCSxcgcriMkroC/R+5wRpEJYQEHi8JKjzCA2i4CKxKKdf9hAbE6BWImbfd3sEJ3q Eu0nXUDCIgKGEq0z2sAWCQnESPz70A1mSwjIStyafYl5AiP/LIRdsxB2zQIqYhbQlli28DUz hK0psb97OQumuIZE57eJrAsY2VYxyqbkVunmJmbmFKcm6xYnJ+blpRbpGunlZpbopaaUbmIE B7Mk7w7Gf3e9DjEKcDAq8fAK7DKLFGJNLCuuzD3EKMnBpCTKG3kJKMSXlJ9SmZFYnBFfVJqT WnyIUYKDWUmE99YaoBxvSmJlVWpRPkxKmoNFSZxXXKMxQkggPbEkNTs1tSC1CCYrw8GhJMH7 GGSoYFFqempFWmZOCUKaiYMTZDgP0PA/p0CGFxck5hZnpkPkTzEqSonzsoM0C4AkMkrz4HpB ySbh7WHTV4ziQK8I894HqeIBJiq47ldAg5mABvNdMgEZXJKIkJJqYJzAtirju926H8/u1zRI TedSMveWrltgnXlrdtTiAwolk2xmfuribfn88/0O2aKojzczp34ovbyY4Wzmh+QSV+ajuh1f bjunr2wLy39sNCNQ8ckvtpWWAgtYrJb53M15tmVbyy0+x0TzXZyPfp7IdHqhU9FWu69RX/G3 wr2Pqhy9BX0nH7ute6HEUpyRaKjFXFScCADx0KwJEQMAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/LJryjIT4EryJNFTiv6_AlwPpwF4>
Subject: Re: [OAUTH-WG] RFC 7009
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Jun 2017 16:12:15 -0000
OAuth doesn’t specify and specific timeout period, it’s up to the AS that issues the token to determine how long the token is good for. RFC7009 isn’t about timeout periods, it’s about the client proactively telling the AS that it doesn’t need a token anymore and the AS should throw it out, likely prior to any timeouts. — Justin > On May 25, 2017, at 12:23 PM, Brig Lamoreaux <Brig.Lamoreaux@microsoft.com> wrote: > > Hi, > > What is the specified timeout period to invalidate the token? > > Brig Lamoreaux > Data Solution Architect > brig.lamoreaux@microsoft.com <mailto:brig.lamoreaux@microsoft.com> > 480-828-8707 > US Desert/Mountain Tempe > > > <image001.jpg> > > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org <mailto:OAuth@ietf.org> > https://www.ietf.org/mailman/listinfo/oauth <https://www.ietf.org/mailman/listinfo/oauth>
- [OAUTH-WG] RFC 7009 Brig Lamoreaux
- Re: [OAUTH-WG] RFC 7009 Justin Richer
- Re: [OAUTH-WG] RFC 7009 Justin Richer
- Re: [OAUTH-WG] RFC 7009 Justin Richer
- Re: [OAUTH-WG] RFC 7009 Phil Hunt (IDM)
- Re: [OAUTH-WG] RFC 7009 Brig Lamoreaux
- Re: [OAUTH-WG] RFC 7009 Brig Lamoreaux
- Re: [OAUTH-WG] RFC 7009 Justin Richer