[OAUTH-WG] Alissa Cooper's No Objection on draft-ietf-oauth-jwt-introspection-response-07: (with COMMENT)

Alissa Cooper via Datatracker <noreply@ietf.org> Wed, 04 September 2019 15:49 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: oauth@ietf.org
Delivered-To: oauth@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F5AD12087D; Wed, 4 Sep 2019 08:49:40 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Alissa Cooper via Datatracker <noreply@ietf.org>
To: "The IESG" <iesg@ietf.org>
Cc: draft-ietf-oauth-jwt-introspection-response@ietf.org, Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>, oauth-chairs@ietf.org, rifaat.ietf@gmail.com, oauth@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.100.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Alissa Cooper <alissa@cooperw.in>
Message-ID: <156761217998.22726.10487913212091468494.idtracker@ietfa.amsl.com>
Date: Wed, 04 Sep 2019 08:49:39 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/NHw5XnPv5_hxSwncNuKyQDdFCYs>
Subject: [OAUTH-WG] Alissa Cooper's No Objection on draft-ietf-oauth-jwt-introspection-response-07: (with COMMENT)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Sep 2019 15:49:40 -0000

Alissa Cooper has entered the following ballot position for
draft-ietf-oauth-jwt-introspection-response-07: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-oauth-jwt-introspection-response/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

I support Benjamin's DISCUSS point about the IESG being listed as the change
controller for the registry entries. Overall I'd like to understand better the
relationship between these registry entries and future updates to OpenID
Connect (i.e., if the claims in the OpenID spec change, will this registry
automatically need to change as well?).

I also support Adam's DISCUSS. How are claims like preferred_username currently
used for the described use case of verifying person data to create certificates?

If the linkage with the OpenID Connect 1.0 claims remains in the document, I
think it would be good to add a note in Section 1.1 or a new Section 1.2 to
indicate that the document uses terminology as defined in that spec (e.g.,
"End-User," "Relying Party," etc.).