[OAUTH-WG] OAuth 2.0 Token Exchange -02 enabling use of any token type

Mike Jones <Michael.Jones@microsoft.com> Tue, 07 July 2015 22:04 UTC

Draft -02 of the OAuth 2.0 Token Exchange specification has been published, making the functionality token type independent.  Formerly, only JSON Web Tokens (JWTs) could be used in some contexts.  This was a change requested by working group participants during IETF 92 in Dallas.

The specification is available at:

* https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-02

An HTML-formatted version is also available at:

* http://self-issued.info/docs/draft-ietf-oauth-token-exchange-02.html

                                                                -- Mike

P.S.  This note was also published at http://self-issued.info/?p=1412 and as @selfissued.