[OAUTH-WG] December 27, 2012 OAuth Release

Mike Jones <Michael.Jones@microsoft.com> Sat, 29 December 2012 01:07 UTC

New versions of the OAuth JWT, JWT Bearer Profile, and Assertions specs have been released incorporating feedback since IETF 85 in Atlanta.  The primary change is changing the name of the "prn" claim to "sub" (subject) both to more closely align with SAML name usage and to use a more intuitive name for this concept.  (Also, see the related coordinated change to the OpenID Connect specifications <http://self-issued.info/?p=918>.)  The definition of the "aud" (audience) claim was also extended to allow JWTs to have multiple audiences (a feature also in SAML assertions).

An explanation was added to the JWT spec about why should be signed and then encrypted.

The audience definition in the Assertions specification was relaxed so that audience values can be OAuth "client_id" values.  Informative references to the SAML Bearer Profile and JWT Bearer Profile specs were also added.

This release incorporates editorial improvements suggested by Jeff Hodges, Hannes Tschofenig, and Prateek Mishra in their reviews of the JWT specification.  Many of these simplified the terminology usage.  See the Document History section of each specification for more details about the changes made.

This release is part of a coordinated release of JOSE, OAuth, and OpenID Connect specifications.  You can read about the other releases here:  JOSE Release Notes <http://self-issued.info/?p=913>, OpenID Connect Release Notes <http://self-issued.info/?p=918>.

The new specification versions are:

* http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-06
* http://tools.ietf.org/html/draft-ietf-oauth-jwt-bearer-04
* http://tools.ietf.org/html/draft-ietf-oauth-assertions-09

HTML formatted versions are available at:

* http://self-issued.info/docs/draft-ietf-oauth-json-web-token-06.html
* http://self-issued.info/docs/draft-ietf-oauth-jwt-bearer-04.html
* http://self-issued.info/docs/draft-ietf-oauth-assertions-09.html

                                                            -- Mike
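
Added example, not part of the original message or of the specifications: a recipient-side check of the two claims this release changes, run on a claims set whose signature has already been verified. It accepts "aud" as a single string or an array and requires "sub". The function names, the sample claims, the identifiers and the choice to reject tokens that carry only the old "prn" claim are assumptions of this example.

```python
class ClaimError(ValueError):
    """Raised when a JWT claims set fails one of the checks below."""

def audiences(claims):
    """Return "aud" as a list, whether it arrived as one string or an array."""
    aud = claims.get("aud")
    if isinstance(aud, str):
        return [aud]
    if isinstance(aud, list) and aud and all(isinstance(a, str) for a in aud):
        return list(aud)
    raise ClaimError('"aud" must be a string or a non-empty array of strings')

def check_claims(claims, my_identifiers):
    """Check "aud" and "sub"; return the subject.

    my_identifiers: the exact values this recipient accepts as naming itself,
    for example its token endpoint URL or its OAuth client_id.
    """
    # Exact, case-sensitive match only: no prefix or substring comparison.
    if not any(a in my_identifiers for a in audiences(claims)):
        raise ClaimError("token is not intended for this recipient")
    sub = claims.get("sub")
    if not isinstance(sub, str) or not sub:
        if "prn" in claims:
            # Policy assumed by this example: do not silently map "prn" to "sub".
            raise ClaimError('token carries the old "prn" claim, expected "sub"')
        raise ClaimError('"sub" is missing')
    return sub

def verdict(claims, my_identifiers):
    """Wrap check_claims so callers get a loggable string instead of an exception."""
    try:
        return "accepted sub=" + check_claims(claims, my_identifiers)
    except ClaimError as exc:
        return "rejected: " + str(exc)

# Constructed sample data (hypothetical issuer, recipients and client_id).
ME = {"https://as.example/token"}
SINGLE = {"iss": "https://issuer.example", "sub": "alice",
          "aud": "https://as.example/token"}
MULTI = {"iss": "https://issuer.example", "sub": "alice",
         "aud": ["https://api.example", "client-123"]}
LEGACY = {"iss": "https://issuer.example", "prn": "alice",
          "aud": "https://as.example/token"}
```

A validator written for single-valued "aud" that compares the claim to one string with `==` will reject every multi-audience token, while one that falls back to substring matching will accept tokens meant for other recipients; normalising to a list and matching exactly avoids both.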