Re: [OAUTH-WG] Working Group Last Call on Dynamic Client Registration Documents

Mike Jones <> Sat, 05 April 2014 00:49 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 60C3F1A031C for <>; Fri, 4 Apr 2014 17:49:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id yg1rDtKU2SNH for <>; Fri, 4 Apr 2014 17:49:40 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 04A871A030F for <>; Fri, 4 Apr 2014 17:49:39 -0700 (PDT)
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.908.10; Sat, 5 Apr 2014 00:49:33 +0000
Received: from (2a01:111:f400:7c0c::149) by (2a01:111:e400:879::26) with Microsoft SMTP Server (TLS) id 15.0.913.9 via Frontend Transport; Sat, 5 Apr 2014 00:49:33 +0000
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.918.6 via Frontend Transport; Sat, 5 Apr 2014 00:49:31 +0000
Received: from ([]) by ([]) with mapi id 14.03.0174.002; Sat, 5 Apr 2014 00:49:05 +0000
From: Mike Jones <>
To: Hannes Tschofenig <>, "" <>
Thread-Topic: [OAUTH-WG] Working Group Last Call on Dynamic Client Registration Documents
Thread-Index: AQHPT+nITTIZxjtAw0axukyWMLHP/JsCL3yg
Date: Sat, 05 Apr 2014 00:49:03 +0000
Message-ID: <>
References: <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(10009001)(6009001)(438001)(199002)(13464003)(189002)(53754006)(377454003)(81342001)(33656001)(80976001)(47446002)(63696002)(74662001)(20776003)(83072002)(84676001)(65816001)(224303002)(2656002)(74706001)(87266001)(56816005)(46406003)(87936001)(81686001)(99396002)(81816001)(95666003)(81542001)(97186001)(224313003)(66066001)(74366001)(97336001)(92726001)(93516002)(77096001)(50986001)(76482001)(23726002)(69226001)(85852003)(19580395003)(6806004)(15975445006)(93136001)(47776003)(83322001)(51856001)(95416001)(4396001)(85306002)(15202345003)(86362001)(94946001)(77982001)(2009001)(76786001)(94316002)(59766001)(97736001)(44976005)(55846006)(76796001)(19580405001)(98676001)(90146001)(74876001)(31966008)(79102001)(54356001)(86612001)(53806001)(47976001)(54316002)(56776001)(97756001)(49866001)(80022001)(50466002)(47736001)(74502001)(92566001)(46102001); DIR:OUT; SFP:1101; SCL:1; SRVR:BLUPR03MB438;; FPR:FEE6FA7F.1CF65FEA.31D53B80.48E4A0E0.20245; MLV:sfv; PTR:InfoDomainNonexistent; A:1; MX:1; LANG:en;
X-O365ENT-EOP-Header: Message processed by - O365_ENT: Allow from ranges (Engineering ONLY)
X-Forefront-PRVS: 0172F0EF77
Received-SPF: Pass (: domain of designates as permitted sender) receiver=; client-ip=;;
Subject: Re: [OAUTH-WG] Working Group Last Call on Dynamic Client Registration Documents
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 05 Apr 2014 00:49:44 -0000

I would combine these two documents, with no normative changes.  This would be a convenience for implementers.  And the metadata values that are currently optional would remain optional.

I would also add an optional "jwks" metadata member, paralleling this addition in OpenID Connect Registration.  This allows the JWK Set to be passed by value, rather than by reference.  This was discussed in London and people seemed to agree with this change.

The reference to RFC 4627 should be changed to RFC 7159, which has obsoleted 4627.

Other than that, I believe they're ready to proceed on the next steps towards becoming an RFC.

				-- Mike

-----Original Message-----
From: OAuth [] On Behalf Of Hannes Tschofenig
Sent: Friday, April 04, 2014 2:14 AM
Subject: [OAUTH-WG] Working Group Last Call on Dynamic Client Registration Documents

Hi all,

This is a Last Call for comments on the dynamic client registration

* OAuth 2.0 Dynamic Client Registration Core Protocol

* OAuth 2.0 Dynamic Client Registration Metadata

Since we have to do the last call for these two documents together we are setting the call for **3 weeks**.

Please have your comments in no later than April 25th.

Hannes & Derek