Re: [OAUTH-WG] Alexey Melnikov's Discuss on draft-ietf-oauth-discovery-08: (with DISCUSS and COMMENT)

Alexey Melnikov <aamelnikov@fastmail.fm> Sun, 28 January 2018 15:04 UTC

Return-Path: <aamelnikov@fastmail.fm>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C78312ECA6; Sun, 28 Jan 2018 07:04:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fastmail.fm header.b=MuyZV0Kd; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=BGiPLAHq
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2dtzX4eRYzYK; Sun, 28 Jan 2018 07:04:45 -0800 (PST)
Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E7BA712EC9D; Sun, 28 Jan 2018 07:04:44 -0800 (PST)
Received: from compute7.internal (compute7.nyi.internal [10.202.2.47]) by mailout.nyi.internal (Postfix) with ESMTP id 58C5620D5D; Sun, 28 Jan 2018 10:04:44 -0500 (EST)
Received: from web5 ([10.202.2.215]) by compute7.internal (MEProxy); Sun, 28 Jan 2018 10:04:44 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.fm; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-sender :x-me-sender:x-sasl-enc; s=fm2; bh=Wz54i+rqiWAhCFkpub4lxy6JVZMvg ofkszxH0YJ0vMU=; b=MuyZV0KdzuC6gIRQxCnKWwvlNdYjvwt0z4ynsmp60szRR Yxk2bN8vzFPWrQzUidgZT0jEeXqajdTfAWx46ODyvzr/TgZv2LXcCx+8vpe4JF0R 7fEHkYWGyrKPcG9hrZ9uAY2DcoI7P3qnX6uKlL//PgFeh5gvuWaweJk6EVCbh3x7 o65H5ikMbuj5KLF3w12W1QbauSDZb7CFtsaUeSkDgssFSN54VS9Vdv6CsYfXMkOm 5/F7yytC+t6fomuga+wihMODyUoH96PpJHiYj9hlGD/v8hzL2vswg9FM2vU9zm5n zi6fKOxrzvCTAOFmi7nQXEhAPp7Wy6T0Cv4hY4zYw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=Wz54i+ rqiWAhCFkpub4lxy6JVZMvgofkszxH0YJ0vMU=; b=BGiPLAHq00MUDoKbL5SEkt RAqTAoNaICByAXhROUC2N1/kXpdOAg6LJQQ/W8Qfb1F8p06FA43A2o7P7bT8y+Ot jj2pgkzqW6qNWqR4Qm+y5qcLbgfst1QnEi2Lerbr72QA1C+2XpI/9w8b9ruZTD4U y2cNrYQ7dTWqJsevPIUyNDfn3DeA+dI8xo/64CLdpWTIooBG+ALvmBcjfu3k3lQ0 0ESRKebouhb6nFIIMVVaXU5TUmxF5VeV04oj2pOWfg7QX6RIT6TGbEPCv5ibNex/ g5GZTCpMvpc9pZuHA4V6zlJqOoVsSFwfebOzEdEIB8EjZS8pLB9SqDIElDyX8ijQ ==
X-ME-Sender: <xms:jOZtWhVaSU_VreSHd8dAbMSXw1hkn8Qigocz0Pmojk2wymQLOCsTKQ>
Received: by mailuser.nyi.internal (Postfix, from userid 99) id 2DEA69E224; Sun, 28 Jan 2018 10:04:44 -0500 (EST)
Message-Id: <1517151884.2936052.1250819288.30846638@webmail.messagingengine.com>
From: Alexey Melnikov <aamelnikov@fastmail.fm>
To: Mike Jones <Michael.Jones@microsoft.com>, The IESG <iesg@ietf.org>
Cc: draft-ietf-oauth-discovery@ietf.org, oauth-chairs@ietf.org, oauth@ietf.org
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="utf-8"
X-Mailer: MessagingEngine.com Webmail Interface - ajax-20f48d70
Date: Sun, 28 Jan 2018 15:04:44 +0000
In-Reply-To: <DM5PR2101MB0934487B64A5CDA299AA529EF5E20@DM5PR2101MB0934.namprd21.prod.outlook.com>
References: <151678115299.24088.6785024209658543295.idtracker@ietfa.amsl.com> <DM5PR2101MB0934487B64A5CDA299AA529EF5E20@DM5PR2101MB0934.namprd21.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/_Pxr5gOGxjTl102hCzPa4iWH-8s>
Subject: Re: [OAUTH-WG] Alexey Melnikov's Discuss on draft-ietf-oauth-discovery-08: (with DISCUSS and COMMENT)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Jan 2018 15:04:48 -0000

Hi Mike,

On Wed, Jan 24, 2018, at 10:11 PM, Mike Jones wrote:
> Thanks for the useful review, Alexey.  I propose that we use the same 
> character restrictions that are described in 
> https://tools.ietf.org/html/rfc7638#section-6, which are:
> 
>    (a) require that member names being registered use
>    only printable ASCII characters excluding double quote ('"') and
>    backslash ('\') (the Unicode characters with code points U+0021,
>    U+0023 through U+005B, and U+005D through U+007E),

This looks reasonable.

> or
> 
>    (b) if new members are defined that use other code
>    points, require that their definitions specify the exact Unicode code
>    point sequences used to represent them.  Furthermore, proposed
>    registrations that use Unicode code points that can only be
>    represented in JSON strings as escaped characters must not be
>    accepted.

So just to double check: it is Ok to register names in Greek or Cyrillic (for example) and they will be compared in a case sensitive manner?

> I also propose that we say that member name comparison occurs in the 
> manner described in https://tools.ietf.org/html/rfc7159#section-8.3.

My understanding is that RFC 7159 recommends case-sensitive comparison and that is fine with me.

> Will that work for you, Alexey?

Best Regards,
Alexey
> 
> 				Thanks,
> 				-- Mike
> 
> -----Original Message-----
> From: Alexey Melnikov [mailto:aamelnikov@fastmail.fm] 
> Sent: Wednesday, January 24, 2018 12:06 AM
> To: The IESG <iesg@ietf.org>
> Cc: draft-ietf-oauth-discovery@ietf.org; Hannes Tschofenig 
> <Hannes.Tschofenig@gmx.net>et>; oauth-chairs@ietf.org; 
> Hannes.Tschofenig@gmx.net; oauth@ietf.org
> Subject: Alexey Melnikov's Discuss on draft-ietf-oauth-discovery-08: 
> (with DISCUSS and COMMENT)
> 
> Alexey Melnikov has entered the following ballot position for
> draft-ietf-oauth-discovery-08: Discuss
> 
> When responding, please keep the subject line intact and reply to all 
> email addresses included in the To and CC lines. (Feel free to cut this 
> introductory paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-oauth-discovery/
> 
> 
> 
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
> 
> Thank you for the well written IANA Considerations section. I have one 
> comment on it which should be easy to resolve:
> 
> The document doesn't seem to say anything about allowed characters in 
> Metadata names. When the document talks about "case-insensitive 
> matching", it is not clear how to implement the matching, because it is 
> not clear whether or not Metadata names are ASCII only. If they are not, 
> then you need to better define what "case insensitive" means.
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> I am agreeing with Adam's DISCUSS.
> 
> 
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth