[OAUTH-WG] OAuth 2.0 JWT Bearer Token Profiles Specification Draft -04

Mike Jones <Michael.Jones@microsoft.com> Thu, 26 April 2012 20:53 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5348C21E8157 for <oauth@ietfa.amsl.com>; Thu, 26 Apr 2012 13:53:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.398
X-Spam-Level:
X-Spam-Status: No, score=-5.398 tagged_above=-999 required=5 tests=[AWL=1.200, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qnCmrhZoOQTr for <oauth@ietfa.amsl.com>; Thu, 26 Apr 2012 13:53:52 -0700 (PDT)
Received: from tx2outboundpool.messaging.microsoft.com (tx2ehsobe004.messaging.microsoft.com [65.55.88.14]) by ietfa.amsl.com (Postfix) with ESMTP id E37F811E80A3 for <oauth@ietf.org>; Thu, 26 Apr 2012 13:53:50 -0700 (PDT)
Received: from mail182-tx2-R.bigfish.com (10.9.14.250) by TX2EHSOBE010.bigfish.com (10.9.40.30) with Microsoft SMTP Server id 14.1.225.23; Thu, 26 Apr 2012 20:53:49 +0000
Received: from mail182-tx2 (localhost [127.0.0.1]) by mail182-tx2-R.bigfish.com (Postfix) with ESMTP id 03F9A2A040C for <oauth@ietf.org>; Thu, 26 Apr 2012 20:53:49 +0000 (UTC)
X-SpamScore: -19
X-BigFish: VS-19(zzc85fhzz1202hzz1033IL8275eh8275bh8275dha1495iz2fh2a8h668h839hd25h)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14MLTC104.redmond.corp.microsoft.com; RD:none; EFVD:NLI
Received-SPF: pass (mail182-tx2: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=Michael.Jones@microsoft.com; helo=TK5EX14MLTC104.redmond.corp.microsoft.com ; icrosoft.com ;
Received: from mail182-tx2 (localhost.localdomain [127.0.0.1]) by mail182-tx2 (MessageSwitch) id 1335473626656302_21790; Thu, 26 Apr 2012 20:53:46 +0000 (UTC)
Received: from TX2EHSMHS035.bigfish.com (unknown [10.9.14.240]) by mail182-tx2.bigfish.com (Postfix) with ESMTP id 9A69E8011D for <oauth@ietf.org>; Thu, 26 Apr 2012 20:53:46 +0000 (UTC)
Received: from TK5EX14MLTC104.redmond.corp.microsoft.com (131.107.125.8) by TX2EHSMHS035.bigfish.com (10.9.99.135) with Microsoft SMTP Server (TLS) id 14.1.225.23; Thu, 26 Apr 2012 20:53:45 +0000
Received: from TK5EX14MBXC284.redmond.corp.microsoft.com ([169.254.1.73]) by TK5EX14MLTC104.redmond.corp.microsoft.com ([157.54.79.159]) with mapi id 14.02.0298.005; Thu, 26 Apr 2012 20:53:43 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: OAuth 2.0 JWT Bearer Token Profiles Specification Draft -04
Thread-Index: Ac0j7qUkXVRjqDKuTWWLAyS7pQtPGw==
Date: Thu, 26 Apr 2012 20:53:43 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739436649B615@TK5EX14MBXC284.redmond.corp.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.73]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B16804296739436649B615TK5EX14MBXC284r_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
Subject: [OAUTH-WG] OAuth 2.0 JWT Bearer Token Profiles Specification Draft -04
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Apr 2012 20:53:54 -0000

Draft 04 of the OAuth 2.0 JWT Bearer Token Profiles Specification<http://tools.ietf.org/html/draft-jones-oauth-jwt-bearer> has been published.  This version tracks changes in the OAuth 2.0 Assertion Profile<http://tools.ietf.org/html/draft-ietf-oauth-assertions> and SAML 2.0 Bearer Assertion Profiles for OAuth 2.0<http://tools.ietf.org/html/draft-ietf-oauth-saml2-bearer> specifications made in response to working group last call comments, as announced by Brian Campbell<http://www.ietf.org/mail-archive/web/oauth/current/msg08926.html>ml>.

Changes made were:

  *   Merged in changes between draft-ietf-oauth-saml2-bearer-09 and draft-ietf-oauth-saml2-bearer-11.
  *   Added the optional iat (issued at) claim, which was already present in the JWT spec.

The draft is available at:

*         http://tools.ietf.org/html/draft-jones-oauth-jwt-bearer-04
An HTML-formatted version is available at:

*         http://self-issued.info/docs/draft-jones-oauth-jwt-bearer-04.html

                                                                -- Mike