Re: [OAUTH-WG] Working Group Last Call on Dynamic Client Registration Documents

Mike Jones <Michael.Jones@microsoft.com> Sat, 05 April 2014 00:49 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 60C3F1A031C for <oauth@ietfa.amsl.com>; Fri, 4 Apr 2014 17:49:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yg1rDtKU2SNH for <oauth@ietfa.amsl.com>; Fri, 4 Apr 2014 17:49:40 -0700 (PDT)
Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1blp0181.outbound.protection.outlook.com [207.46.163.181]) by ietfa.amsl.com (Postfix) with ESMTP id 04A871A030F for <oauth@ietf.org>; Fri, 4 Apr 2014 17:49:39 -0700 (PDT)
Received: from BLUPR03CA033.namprd03.prod.outlook.com (10.141.30.26) by BLUPR03MB438.namprd03.prod.outlook.com (10.141.78.149) with Microsoft SMTP Server (TLS) id 15.0.908.10; Sat, 5 Apr 2014 00:49:33 +0000
Received: from BY2FFO11FD001.protection.gbl (2a01:111:f400:7c0c::149) by BLUPR03CA033.outlook.office365.com (2a01:111:e400:879::26) with Microsoft SMTP Server (TLS) id 15.0.913.9 via Frontend Transport; Sat, 5 Apr 2014 00:49:33 +0000
Received: from mail.microsoft.com (131.107.125.37) by BY2FFO11FD001.mail.protection.outlook.com (10.1.14.123) with Microsoft SMTP Server (TLS) id 15.0.918.6 via Frontend Transport; Sat, 5 Apr 2014 00:49:31 +0000
Received: from TK5EX14MBXC286.redmond.corp.microsoft.com ([169.254.1.232]) by TK5EX14MLTC103.redmond.corp.microsoft.com ([157.54.79.174]) with mapi id 14.03.0174.002; Sat, 5 Apr 2014 00:49:05 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>, "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: [OAUTH-WG] Working Group Last Call on Dynamic Client Registration Documents
Thread-Index: AQHPT+nITTIZxjtAw0axukyWMLHP/JsCL3yg
Date: Sat, 5 Apr 2014 00:49:03 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739439A141067@TK5EX14MBXC286.redmond.corp.microsoft.com>
References: <533E77C3.9000509@gmx.net>
In-Reply-To: <533E77C3.9000509@gmx.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.33]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: =?us-ascii?Q?CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; ?= =?us-ascii?Q?SFS:(10009001)(6009001)(438001)(199002)(13464003)(189002)(53?= =?us-ascii?Q?754006)(377454003)(81342001)(33656001)(80976001)(47446002)(6?= =?us-ascii?Q?3696002)(74662001)(20776003)(83072002)(84676001)(65816001)(2?= =?us-ascii?Q?24303002)(2656002)(74706001)(87266001)(56816005)(46406003)(8?= =?us-ascii?Q?7936001)(81686001)(99396002)(81816001)(95666003)(81542001)(9?= =?us-ascii?Q?7186001)(224313003)(66066001)(74366001)(97336001)(92726001)(?= =?us-ascii?Q?93516002)(77096001)(50986001)(76482001)(23726002)(69226001)(?= =?us-ascii?Q?85852003)(19580395003)(6806004)(15975445006)(93136001)(47776?= =?us-ascii?Q?003)(83322001)(51856001)(95416001)(4396001)(85306002)(152023?= =?us-ascii?Q?45003)(86362001)(94946001)(77982001)(2009001)(76786001)(9431?= =?us-ascii?Q?6002)(59766001)(97736001)(44976005)(55846006)(76796001)(1958?= =?us-ascii?Q?0405001)(98676001)(90146001)(74876001)(31966008)(79102001)(5?= =?us-ascii?Q?4356001)(86612001)(53806001)(47976001)(54316002)(56776001)(9?= =?us-ascii?Q?7756001)(49866001)(80022001)(50466002)(47736001)(74502001)(9?= =?us-ascii?Q?2566001)(46102001); DIR:OUT; SFP:1101; SCL:1; SRVR:BLUPR03MB438; ?= =?us-ascii?Q?H:mail.microsoft.com; FPR:FEE6FA7F.1CF65FEA.31D53B80.48E4A0E0?= =?us-ascii?Q?.20245; MLV:sfv; PTR:InfoDomainNonexistent; A:1; MX:1; LANG:en; ?=
X-O365ENT-EOP-Header: Message processed by - O365_ENT: Allow from ranges (Engineering ONLY)
X-Forefront-PRVS: 0172F0EF77
Received-SPF: Pass (: domain of microsoft.com designates 131.107.125.37 as permitted sender) receiver=; client-ip=131.107.125.37; helo=mail.microsoft.com;
X-OriginatorOrg: microsoft.onmicrosoft.com
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/_8xbAJQCOXRIaXFi3dNgqBogUz4
Subject: Re: [OAUTH-WG] Working Group Last Call on Dynamic Client Registration Documents
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Apr 2014 00:49:44 -0000

I would combine these two documents, with no normative changes.  This would be a convenience for implementers.  And the metadata values that are currently optional would remain optional.

I would also add an optional "jwks" metadata member, paralleling this addition in OpenID Connect Registration.  This allows the JWK Set to be passed by value, rather than by reference.  This was discussed in London and people seemed to agree with this change.

The reference to RFC 4627 should be changed to RFC 7159, which has obsoleted 4627.

Other than that, I believe they're ready to proceed on the next steps towards becoming an RFC.

				-- Mike

-----Original Message-----
From: OAuth [mailto:oauth-bounces@ietf.org] On Behalf Of Hannes Tschofenig
Sent: Friday, April 04, 2014 2:14 AM
To: oauth@ietf.org
Subject: [OAUTH-WG] Working Group Last Call on Dynamic Client Registration Documents

Hi all,

This is a Last Call for comments on the dynamic client registration
documents:

* OAuth 2.0 Dynamic Client Registration Core Protocol
http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-16

* OAuth 2.0 Dynamic Client Registration Metadata
http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-metadata-00

Since we have to do the last call for these two documents together we are setting the call for **3 weeks**.

Please have your comments in no later than April 25th.

Ciao
Hannes & Derek