[OAUTH-WG] JSON Web Token Best Current Practices draft describing Explicit Typing
Mike Jones <Michael.Jones@microsoft.com> Tue, 04 July 2017 19:43 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6442513289A for <oauth@ietfa.amsl.com>; Tue, 4 Jul 2017 12:43:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.761
X-Spam-Level:
X-Spam-Status: No, score=-1.761 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTML_OBFUSCATE_05_10=0.26, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cp2VaPhZeb-t for <oauth@ietfa.amsl.com>; Tue, 4 Jul 2017 12:43:53 -0700 (PDT)
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-bl2nam02on0099.outbound.protection.outlook.com [104.47.38.99]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2B451131706 for <oauth@ietf.org>; Tue, 4 Jul 2017 12:43:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=ui37i1DEM5x0Iz/ISkjeY/bCJ53FfrL6mnbKibt0zJA=; b=EdLvS9/Fh0goasZR8Ltgw1Yvob9cJfk4nyxVatjhvvpcJ7LXEQM16PZ23A0mFdQzjecfS+oucOmujqtOn7V0pUFDWh70aLtrSsOFCSBhfMIMfcYF2CwmGHoW+mDDuU6GGskR3zY4t7syzQunhxDPljTjb4QeEAhLgDBgkBbxOsk=
Received: from CY4PR21MB0504.namprd21.prod.outlook.com (10.172.122.14) by CY4PR21MB0694.namprd21.prod.outlook.com (10.175.121.148) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1261.3; Tue, 4 Jul 2017 19:43:51 +0000
Received: from CY4PR21MB0504.namprd21.prod.outlook.com ([10.172.122.14]) by CY4PR21MB0504.namprd21.prod.outlook.com ([10.172.122.14]) with mapi id 15.01.1261.003; Tue, 4 Jul 2017 19:43:51 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: JSON Web Token Best Current Practices draft describing Explicit Typing
Thread-Index: AdL0+iJmgqpM9UqbSgCDmYr6GQRcNA==
Date: Tue, 04 Jul 2017 19:43:51 +0000
Message-ID: <CY4PR21MB0504A6F0739B0F3EFA46AE54F5D70@CY4PR21MB0504.namprd21.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Ref=https://api.informationprotection.azure.com/api/72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Owner=mbj@microsoft.com; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2017-07-04T12:43:49.4591748-07:00; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=General; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application=Microsoft Azure Information Protection; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method=Automatic; Sensitivity=General
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=microsoft.com;
x-originating-ip: [50.47.93.167]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; CY4PR21MB0694; 7:2ouY1APGHC5M7Uz8TsQ9XlbZhLrEu/daAa6uAIUDtgsorJZRgEnuvFH+eAIpgWYyY18qIr2g1iJ+aiNgt6jSzTPMY2JcBIpb2/x94lxhn0O//0yVNxOxL5fuA7kH+ea2NZ24KyHDurM0cSf4MO+Vn5YVAdRrHBOWFuLbQvCOPGQC9pbNJn2I/oN8Os/kh1Y/t+G6gJIAXFbSPiBjJxci6tFqLW/tHXWbnOM7WcJkNZzYyDAox5JbqsB6TwBzl4BUH291Zo4Yc+N84g413cYn0p8dFTwmSu19AGXHl54dKEGMKET7gOqUcch9b8eD277wau8g4Pu2OXAlnKUaEA1tmCfBd4zQfgTr+Br3VeNFL//ZqxWNEX113XhiKYnYrY/Bk/U0ncCUrjxUi+k1upLBJqVHFFP7GgEahIMWjlL6Gvc0UaJhT0HkdNnwIUo3gQxin8MQ7qansXasONcei0kw+iEQvNLr+UCG0Tz0poigaR6BS+UcgzEEpjymrQgkIlwP6j8AhiYaCzu1ssDc526R/D5vKJCE/71bIRGudVoUyvivAFYROnv1eXgRNKKC+9e0SWb39dcfTSl+U6eqWfEyF3zYUaLHDY94EyIYt/5CE9aic6vYPFrW2Zatbe0dypsGj1vzVheKV4Teu21rUDFMHuzrIJ7imxQcXT7r0ftED6rCXWdI2hjd1xH78je3q+aca6UFwmnIiZP3NDDqDMBoFulqjtqwrQGM9qnakHaxuMswdSLw+v1bztqp8aW+zCCVn1JW/Ij92Kl8R+MMa77XhsPB8LVbd/XTpZXowjzWNw8lPWY+tfnzdQ9sZBwHqI8Y
x-ms-office365-filtering-correlation-id: c329a504-c01a-4895-f38c-08d4c314ff42
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254075)(48565401081)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(201702281549075)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:CY4PR21MB0694;
x-ms-traffictypediagnostic: CY4PR21MB0694:
x-microsoft-antispam-prvs: <CY4PR21MB0694E145C4C1B371C31797E8F5D70@CY4PR21MB0694.namprd21.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(151999592597050)(26388249023172)(236129657087228)(192374486261705)(31418570063057)(148574349560750)(21748063052155)(247924648384137);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(61425038)(6040450)(601004)(2401047)(8121501046)(2017060910033)(5005006)(10201501046)(93006095)(93001095)(100000703101)(100105400095)(3002001)(6055026)(61426038)(61427038)(6041248)(20161123564025)(20161123555025)(20161123560025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(20161123558100)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:CY4PR21MB0694; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CY4PR21MB0694;
x-forefront-prvs: 0358535363
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39450400003)(39860400002)(39850400002)(39400400002)(39410400002)(39840400002)(209900001)(2351001)(53376002)(7736002)(38730400002)(189998001)(110136004)(33656002)(8676002)(5660300001)(966005)(5005710100001)(3280700002)(74316002)(478600001)(6916009)(72206003)(50986999)(25786009)(6306002)(2900100001)(54356999)(3660700001)(10090500001)(14454004)(790700001)(6436002)(77096006)(3846002)(6116002)(102836003)(236005)(8936002)(54896002)(2906002)(606006)(5640700003)(1730700003)(7696004)(10290500003)(2501003)(66066001)(9686003)(55016002)(99286003)(5630700001)(8990500004)(53936002)(86612001)(81166006)(86362001)(6506006)(6606295002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0694; H:CY4PR21MB0504.namprd21.prod.outlook.com; FPR:; SPF:None; MLV:ovrnspm; PTR:InfoNoRecords; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_CY4PR21MB0504A6F0739B0F3EFA46AE54F5D70CY4PR21MB0504namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Jul 2017 19:43:51.4172 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0694
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/ZX-yp2yotHxa4LnFDwS9itNYK94>
Subject: [OAUTH-WG] JSON Web Token Best Current Practices draft describing Explicit Typing
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Jul 2017 19:43:55 -0000
The JWT BCP draft has been updated to describe the use of explicit typing of JWTs as one of the ways to prevent confusion among different kinds of JWTs. This is accomplished by including an explicit type for the JWT in the "typ" header parameter. For instance, the Security Event Token (SET) specification<http://self-issued.info/?p=1709> now uses the "application/secevent+jwt" content type to explicitly type SETs. The specification is available at: * https://tools.ietf.org/html/draft-sheffer-oauth-jwt-bcp-01 An HTML-formatted version is also available at: * http://self-issued.info/docs/draft-sheffer-oauth-jwt-bcp-01.html -- Mike P.S. This notice was also posted at http://self-issued.info/?p=1714 and as @selfissued<https://twitter.com/selfissued>.
- [OAUTH-WG] JSON Web Token Best Current Practices … Mike Jones
- Re: [OAUTH-WG] JSON Web Token Best Current Practi… Phil Hunt (IDM)
- Re: [OAUTH-WG] JSON Web Token Best Current Practi… Brian Campbell
- Re: [OAUTH-WG] JSON Web Token Best Current Practi… Mike Jones
- Re: [OAUTH-WG] JSON Web Token Best Current Practi… Justin Richer
- Re: [OAUTH-WG] JSON Web Token Best Current Practi… Dick Hardt
- Re: [OAUTH-WG] JSON Web Token Best Current Practi… Brian Campbell
- Re: [OAUTH-WG] JSON Web Token Best Current Practi… Mike Jones
- Re: [OAUTH-WG] JSON Web Token Best Current Practi… Brian Campbell