Re: [OAUTH-WG] RFC 7662 OAuth 2.0 Token Introspection: token_type

Hannes Tschofenig <hannes.tschofenig@gmx.net> Tue, 17 November 2015 11:16 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 216021B2E39 for <oauth@ietfa.amsl.com>; Tue, 17 Nov 2015 03:16:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.185
X-Spam-Level:
X-Spam-Status: No, score=-3.185 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.585, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1ERvzeBu3UKm for <oauth@ietfa.amsl.com>; Tue, 17 Nov 2015 03:16:53 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3980C1B2E38 for <oauth@ietf.org>; Tue, 17 Nov 2015 03:16:52 -0800 (PST)
Received: from [192.168.10.133] ([80.92.121.34]) by mail.gmx.com (mrgmx001) with ESMTPSA (Nemesis) id 0LcBBl-1ahddn2bsD-00jWZg; Tue, 17 Nov 2015 12:16:50 +0100
To: Vladimir Dzhuvinov <vladimir@connect2id.com>, "oauth@ietf.org" <oauth@ietf.org>
References: <564B045C.50301@connect2id.com>
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Openpgp: id=071A97A9ECBADCA8E31E678554D9CEEF4D776BC9
Message-ID: <564B0C9A.5030809@gmx.net>
Date: Tue, 17 Nov 2015 12:16:42 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
MIME-Version: 1.0
In-Reply-To: <564B045C.50301@connect2id.com>
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="f7PuAticHOmHomRKqUIfLeAJPQEtU0BsI"
X-Provags-ID: V03:K0:yy2Bj/igwlKKuOu0uVBU3xVXmyJZla/Bicb6ck87zVug8l3DhMT wZNRW0wFEwQYXu+f8UScD3YBfeJ/s2PObLAiuMqGB9Dm2USZ8QC36Z7T5OaWYoMT+yTxk6N 42tztplwXr1TJds/ou82py4YdnnrcwE2QQCCyLc6yl4XLBWEf5BVCtCjDES5XSTMAJPaMhx Z6xvrcz1k6JXQURFqNzlw==
X-UI-Out-Filterresults: notjunk:1;V01:K0:vtKEs5o/QoY=:07m02bvFTMxbbFtI+zn4UO gTvUjUs8fSXuFSOneubarkuTBZYKzixhIgh96QAG81F7PpPbnag7qdwuCO03ywZT1oZVbNYde cZrv+qBBPkSee9QYamrsLS7PzMWTDoTW7WPuuG5w4Fy+fKm+Q0Dr8OKW+5qWFvEGMSYwjcKGC Iib+hNiccSKea6aJkASmK0ndvisPV3Uce+4Rvw3KNFgi3SSzp5oZ0ypb0owGkhki22pZuCq08 hiO8/tyfDZI4HcHrZIRxlE1+2t++BvN0F0uUyKl9alF4TYXIJxPsptkYGRXRXmCFK9Y2DPoZL Ouiqj2/Qr791EjC9U9kPWRHh//2ffI12xHqc3U6kbOciCxwnpoACSLb8535pIEEvoJZVGxWbx nTQUbfbBhO/BPWXsqpIJMMFajEjKUOQ4hAeYvv1YdjX7dOVBtrVWS/hmZXJjpV6hjCMq9GOjJ LpFuOBfSk8J431N2Rt2uUdTrCEMoS0HKcvSQ2PhsKvLlNM9cnb3BPJ7rnU0pbmi2fm8pefhAL jQVqGH6Xj8hl3+T1Zc20tm+bW/9b5XlhQsz8yxpsn+qb259LBkpkFnt8Uenxh3sr1iUIBM1Xj AN61LiRacR1/+YnfzbiIVFVK5VXdThhrYHTQo50ytLaD1j3AlpBhy1gzoOpa8VTGVMed1rf6O YEbwC+rpPYApiCrw7d9FlbezWrvKcwo6mHiXlbAzYbsZANCm3EL+R6BKFNiEE75HgU+HFsrEe Z/3CfP/xoUae9gduoc+qlOVQvyB+ae5ZtSYax9aH4egu+80G1wtqJFCDf+w=
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/Yy0f13yozfEcX9TklgribGxGoDM>
Subject: Re: [OAUTH-WG] RFC 7662 OAuth 2.0 Token Introspection: token_type
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Nov 2015 11:16:55 -0000

Hi Vladimir,

it is 'Bearer'.

Section 5.1 in RFC 6749 defines the token_type concept and RFC 6750
registers the 'Bearer' token value (since it defines the bearer token
concept).

We currently have work going on with the PoP token work to also extend
the concept further.

Ciao
Hannes


On 11/17/2015 11:41 AM, Vladimir Dzhuvinov wrote:
> The "token_type" parameter in introspection responses - is that supposed
> to be "access_token" / "refresh_token", or the type of the access token,
> e.g. "Bearer"?
> 
> https://tools.ietf.org/html/rfc7662#section-2.2
> 
> Section 5.1 in RFC 6749 that is referred to points to section 7.1 which
> seems to imply the latter?
> 
> http://tools.ietf.org/html/rfc6749#section-7.1
> 
> Thanks,
> 
> Vladimir
> 
> 
> 
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>