Re: [OAUTH-WG] Updated shepherd writeup for draft-ietf-oauth-access-token-jwt-09

Brian Campbell <bcampbell@pingidentity.com> Mon, 21 September 2020 15:35 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/QnDWhz-sWbdFRiWe8jGOIm7CQVQ>

I believe the intent of that example was to show the unencoded header and
body content of the JWT. So perhaps all that's needed is to adjust the text
that introduces the example and the figure title or caption or whatever
it's called to reflect that?

On Mon, Sep 21, 2020 at 4:58 AM Hannes Tschofenig <Hannes.Tschofenig@arm.com>
wrote:

> Hi all,
>
> I updated the shepherd writeup for draft-ietf-oauth-access-token-jwt-09
> and included the links to the implementations distributed on the list. I am
> sure there are more.
>
> While updating the shepherd writeup I noticed that the draft contains a
> JWT in a style that does not match the format described in RFC 7519.
>
> I was wondering whether we should actually replicate the example in a way
> similar to Section 6.1 of RFC 7519 (which shows an unsecured JWT) or, even
> better, a digitally signed JWT.
>
> Here is the snippet from the draft:
>
>    {"typ":"at+JWT","alg":"RS256","kid":"RjEwOwOA"}
>    {
>      "iss": "https://authorization-server.example.com/",
>      "sub": " 5ba552d67",
>      "aud": "https://rs.example.com/",
>      "exp": 1544645174,
>      "client_id": "s6BhdRkqt3_",
>      "scope": "openid profile reademail"
>    }
>
>                        Figure 2: A JWT Access Token
>
> What do you think?
>
> Ciao
>
> Hannes
>
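
An added illustration, not part of the original messages or the draft: the header and claims from the quoted Figure 2 serialized into the RFC 7519 compact form the thread refers to. The signature is a constructed placeholder (no key appears on the page), and `signing_input`, `compact` and `decode` are names chosen for this sketch; it also shows why the pretty-printed figure cannot stand in for the token itself, since the signature covers the exact encoded octets.

```python
import base64
import json

# Header and claims copied from Figure 2 as quoted in the thread
# (the leading space in "sub" is kept exactly as quoted).
HEADER = '{"typ":"at+JWT","alg":"RS256","kid":"RjEwOwOA"}'
CLAIMS = {
    "iss": "https://authorization-server.example.com/",
    "sub": " 5ba552d67",
    "aud": "https://rs.example.com/",
    "exp": 1544645174,
    "client_id": "s6BhdRkqt3_",
    "scope": "openid profile reademail",
}

def b64url(data: bytes) -> str:
    """base64url without '=' padding, as the JWS compact form requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(segment: str) -> bytes:
    """Restore the stripped padding, then decode."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def signing_input(header_json: str, payload_json: str) -> str:
    """The ASCII string an RS256 signature is computed over."""
    return b64url(header_json.encode()) + "." + b64url(payload_json.encode())

def compact(header_json: str, payload_json: str, signature: bytes) -> str:
    """header.payload.signature, the format RFC 7519 examples use."""
    return signing_input(header_json, payload_json) + "." + b64url(signature)

def decode(token: str):
    """Split a compact JWT and return (header, claims, signature bytes)."""
    h, p, s = token.split(".")
    return json.loads(b64url_decode(h)), json.loads(b64url_decode(p)), b64url_decode(s)

PRETTY = json.dumps(CLAIMS, indent=2)                  # layout like the figure
MINIFIED = json.dumps(CLAIMS, separators=(",", ":"))   # one compact line

# Constructed placeholder, NOT a valid signature: 256 bytes is the size an
# RS256 signature would have under an assumed 2048-bit RSA key.
PLACEHOLDER_SIG = b"\x00" * 256
TOKEN = compact(HEADER, MINIFIED, PLACEHOLDER_SIG)

if __name__ == "__main__":
    print(TOKEN)
    # Same claims, different whitespace: different octets to sign.
    print(signing_input(HEADER, PRETTY) == signing_input(HEADER, MINIFIED))
```
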
