Re: [OAUTH-WG] Second WGLC on "JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens"

Brian Campbell <bcampbell@pingidentity.com> Mon, 27 April 2020 13:26 UTC

Return-Path: <bcampbell@pingidentity.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18F083A0A63 for <oauth@ietfa.amsl.com>; Mon, 27 Apr 2020 06:26:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q2h2daLKOHyv for <oauth@ietfa.amsl.com>; Mon, 27 Apr 2020 06:25:59 -0700 (PDT)
Received: from mail-lf1-x12a.google.com (mail-lf1-x12a.google.com [IPv6:2a00:1450:4864:20::12a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 861D83A0A5D for <oauth@ietf.org>; Mon, 27 Apr 2020 06:25:59 -0700 (PDT)
Received: by mail-lf1-x12a.google.com with SMTP id m2so13788120lfo.6 for <oauth@ietf.org>; Mon, 27 Apr 2020 06:25:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ry2edcbY+rdF5TdfxGa/Ymc+ewm3wDWAzFMbhdJNPbI=; b=BRVVPoBz6e1k044hodQ4fy3tRJbUR4VkKoVXnfspR+mrnJkGGmVQK4GQVz/5vC0fLz S6XRjpc20G9IaDsvfZVfAUuECid8TNeBGytnwVNZhPoQ/flp6DtLjXwybdlM5B7pz3Lu YX8+PfVZANcvp5iHSDDUlue50L1YGEMbmFzE7zRjouaNwvcsjjc/cbrToo71GEs9dQb2 tr5vpe3zY9vrGVLk98mcmXBoHLiezaojcQq4O0CxN0U4U9J4UFn9lXgu0kPiB8/FC/Fe IyyofbcZO824fNBdaE5Wmb/58Mw5mBiTX9RkRQutUZPDhJvEqlhkmW+dB+iz7R2SbfFE SufA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ry2edcbY+rdF5TdfxGa/Ymc+ewm3wDWAzFMbhdJNPbI=; b=NA23IqUKAHr28GNFNBYywk1vNNt23Bh6YXGQ9kvryGhwQYZLXMmMGYjyoIAplblD2V D9hUKfxpjS3UtO9C8DSCTM5c8DY9YuArPToui8GeQvQDGH7lIx3bADsPCQTK0145VCL/ pD6xD9fNtYKQX3DqLbMc753BLG9MnuiW+D5sdwG0hW28+Cmh1YUdL+1u4VjFLrgXdFQy lwfRCwQJh1mDTminn0slC9vcSbVaXOdinGOIlcAIIyzqVkgTcZDDo49+ELTARRwh/q8w ifeSuDv6KGUWdSNg1DDRNs2bUD+RWk5N/NCAelnOY/lsHc7/7GWTlme1vHNKqg1ZuwtN ulRA==
X-Gm-Message-State: AGi0PuYhwRryfdLmw6LuDzeAXJ6Nh/tBrkeC2SWg1gEKFZFykLAXqul9 qlx/nojh6Z/8oEFMNdGXl2iAjcilejpG8HSaBEycuQkHe3clAE196eImLn8Lrg21rjr7LWFUPhk KCo6FgPqVsyfLEE30z1k=
X-Google-Smtp-Source: APiQypKkBbGCuQjDm1IqOrwOiNtifBxiHJbRAaBHKRK/HJMiICK18o/MGeL6kblMAG7TxxqrJ6WgIOvQVxWIQU5Y8rw=
X-Received: by 2002:ac2:46e5:: with SMTP id q5mr15649776lfo.11.1587993957351; Mon, 27 Apr 2020 06:25:57 -0700 (PDT)
MIME-Version: 1.0
References: <CH2PR00MB0678F20EF90E9FDBD8C3A705F5D50@CH2PR00MB0678.namprd00.prod.outlook.com> <MWHPR19MB15017DDCA5AA4C8CC95605F8AED20@MWHPR19MB1501.namprd19.prod.outlook.com> <20200425020227.GE27494@kduck.mit.edu> <MWHPR19MB1501CDB276081E30D92C7980AEAF0@MWHPR19MB1501.namprd19.prod.outlook.com>
In-Reply-To: <MWHPR19MB1501CDB276081E30D92C7980AEAF0@MWHPR19MB1501.namprd19.prod.outlook.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Mon, 27 Apr 2020 07:25:31 -0600
Message-ID: <CA+k3eCTtj26wPahKfEu21st71B=8Vo_h7--OM0Rj7sahOie+ow@mail.gmail.com>
To: Vittorio Bertocci <vittorio.bertocci=40auth0.com@dmarc.ietf.org>
Cc: Benjamin Kaduk <kaduk@mit.edu>, oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000bc526f05a445a7b5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/MT9vEP_4NRFmzj93Zy3BxgQcw50>
Subject: Re: [OAUTH-WG] Second WGLC on "JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens"
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Apr 2020 13:26:02 -0000

This old thread
https://mailarchive.ietf.org/arch/msg/oauth/1ajE-d3nVOFRGLbwMmPViDhEdqw/
has some discussion of working with/around that particular quirk of the
htmlizing tool.

On Mon, Apr 27, 2020 at 2:34 AM Vittorio Bertocci <vittorio.bertocci=
40auth0.com@dmarc.ietf.org> wrote:

> Thank you for bringing this up Benjamin, you saved me from a long wild
> goose chase!
> It' good to know that there's a new rfc format version, but I am a bit
> worried about venturing there given that I am barely managing the v2 as it
> is __ v3 still feels pretty experimental, and other than this issue, this
> spec doesn't give a lot of opportunities to take advantage of the new
> features (SVG etc).
> Wondering whether I can find a periphrase to express the same notion
> without triggering the script, e.g. omitting the word section or changing
> the order.
> Thx
> V.
>
> On 4/24/20, 19:02, "Benjamin Kaduk" <kaduk@mit.edu> wrote:
>
>     Just on the xml2rfc bits...
>
>     On Wed, Apr 22, 2020 at 07:26:40AM +0000, Vittorio Bertocci wrote:
>     >
>     > > Link to section 4.1.2 of SCIM Core is actually linking to section
> 4.1.2 of this doc.
>     > Oh wow. That’s a feature of XML2RFC,… my source simply says by
> section 4.1.2 of SCIM Core  in a <t> block, and the processor interpret it
> as an internal link. I’ll need to dig on how to prevent that from happening
> for this instance. Good catch!
>
>     The short form is "you can't".
>
>     You're using the "v2" XML format for xml2rfc, which produces as various
>     output formats text, pdf, and "htmlized" output.  The "htmlized"
> output is
>     called that and not "html" because it's the result of taking the text
>     output and running a script to turn common constructions in I-Ds and
> RFCs
>     into hopefully-useful HTML formatting.  In this case, "Section N"
> outside
>     of "Section N of [bracketed-reference]" is assumed to be "Section N of
> the
>     current document", and that's all that the htmlization script is going
> to
>     give you, since it's not working with the semantic richness of the XML
>     source.
>
>     We do, however, as of fairly recently have a "v3" XML format, which is
>     capable of producing native HTML output that includes SVG figures and
> the
>     other exciting features of "v3 XML".  For an example, see
>     https://www.ietf.org/id/draft-ietf-tsvwg-datagram-plpmtud-19.html .
>
>     I personally haven't done any v2-to-v3 conversions yet (too busy
> reading to
>     have time to do much writing), but the FAQ entry for doing so is at
>
> https://www.rfc-editor.org/materials/FAQ-xml2rfcv3.html#name-how-do-i-convert-my-xml-fil
>     .
>
>     Hope that helps,
>
>     Ben
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>

-- 
_CONFIDENTIALITY NOTICE: This email may contain confidential and privileged 
material for the sole use of the intended recipient(s). Any review, use, 
distribution or disclosure by others is strictly prohibited.  If you have 
received this communication in error, please notify the sender immediately 
by e-mail and delete the message and any file attachments from your 
computer. Thank you._