Re: [OAUTH-WG] OAuth 2.0 Authorization Server Metadata is now RFC 8414

Phil Hunt <phil.hunt@oracle.com> Fri, 29 June 2018 00:03 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/c3tfjXctY6wfgM7K66S9AbW8Ty8>

Congrats! Glad to see this one out!

Phil

Oracle Corporation, Identity Cloud Services Architect
@independentid
www.independentid.com <http://www.independentid.com/>
phil.hunt@oracle.com <mailto:phil.hunt@oracle.com>

> On Jun 28, 2018, at 5:00 PM, Torsten Lodderstedt <torsten@lodderstedt.net> wrote:
> 
> Congratulations!
> 
> On 28.06.2018 at 18:15, William Denniss <wdenniss=40google.com@dmarc.ietf.org <mailto:wdenniss=40google.com@dmarc.ietf.org>> wrote:
> 
>> Congratulations!
>> 
>> Really glad that we have an RFC specifying how servers should provide their configuration data in machine readable form. Helps with developer experience (less manual configuration), as well as mitigating mix-up attacks (better association of related endpoints), amongst other benefits.
>> 
>> I'm happy to say that the AppAuth clients support RFC 8414, through discovery methods that take a complete URL <https://github.com/openid/AppAuth-iOS/blob/1dae3a1df4de33b844284dce545c71ff0d3582ad/Source/OIDAuthorizationService.h#L111-L112>, in addition to the issuer-based ones designed for OIDC usage.
>> 
>> 
>> On Thu, Jun 28, 2018 at 3:54 PM, Mike Jones <Michael.Jones=40microsoft.com@dmarc.ietf.org <mailto:Michael.Jones=40microsoft.com@dmarc.ietf.org>> wrote:
>> The OAuth 2.0 Authorization Server Metadata specification is now RFC 8414 <https://www.rfc-editor.org/rfc/rfc8414.txt>.  The abstract describes the specification as:
>> 
>> This specification defines a metadata format that an OAuth 2.0 client can use to obtain the information needed to interact with an OAuth 2.0 authorization server, including its endpoint locations and authorization server capabilities.
>> 
>> The specification defines a JSON metadata representation for OAuth 2.0 authorization servers that is compatible with OpenID Connect Discovery 1.0 <http://openid.net/specs/openid-connect-discovery-1_0.html>.  This specification is a true instance of standardizing existing practice.  OAuth 2.0 deployments have been using the OpenID Connect metadata format to describe their endpoints and capabilities for years.  This RFC makes this existing practice a standard.
>> 
>> Having a standard OAuth metadata format makes it easier for OAuth clients to configure connections to OAuth authorization servers.  See https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#authorization-server-metadata <https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#authorization-server-metadata> for the initial set of registered metadata values.
>> 
>> Thanks to all of you who helped make this standard a reality!
>> 
>>                                                        -- Mike
>> 
>> P.S.  This announcement was also posted at http://self-issued.info/?p=1883 <http://self-issued.info/?p=1883> and as @selfissued <https://twitter.com/selfissued>.
>> 
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org <mailto:OAuth@ietf.org>
>> https://www.ietf.org/mailman/listinfo/oauth <https://www.ietf.org/mailman/listinfo/oauth>
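
An added example, not part of the original thread and not code from AppAuth or the RFC authors: deriving the RFC 8414 metadata URL from an issuer and accepting the returned document only when its `issuer` matches, which is what ties the endpoints to one authorization server. The issuer, endpoint URLs and sample document are constructed, and the https-only endpoint check is this example's own policy.

```python
import json
from urllib.parse import urlsplit, urlunsplit

WELL_KNOWN = "/.well-known/oauth-authorization-server"

# Constructed sample values, not taken from any real deployment.
ISSUER = "https://as.example.com/tenant1"
SAMPLE = json.dumps({
    "issuer": ISSUER,
    "authorization_endpoint": "https://as.example.com/tenant1/authorize",
    "token_endpoint": "https://as.example.com/tenant1/token",
    "jwks_uri": "https://as.example.com/tenant1/jwks",
    "response_types_supported": ["code"],
})


def metadata_url(issuer: str) -> str:
    """RFC 8414 section 3: insert the well-known suffix between host and path."""
    u = urlsplit(issuer)
    if u.scheme != "https" or not u.netloc or u.query or u.fragment:
        raise ValueError("issuer must be an https URL without query or fragment")
    # Any terminating "/" on the issuer path is removed before insertion.
    return urlunsplit(("https", u.netloc, WELL_KNOWN + u.path.rstrip("/"), "", ""))


def validate_metadata(issuer: str, document: str) -> dict:
    """Parse a metadata document and accept it only if bound to `issuer`."""
    meta = json.loads(document)
    if not isinstance(meta, dict):
        raise ValueError("metadata must be a JSON object")
    # RFC 8414 section 3.3: the returned issuer must be identical to the one
    # the URL was derived from; otherwise the document must not be used.
    if meta.get("issuer") != issuer:
        raise ValueError("issuer mismatch: metadata belongs to another server")
    if "response_types_supported" not in meta:
        raise ValueError("response_types_supported is required")
    # Example policy (assumption): every advertised endpoint must be https.
    for key, value in meta.items():
        if key.endswith("_endpoint") or key == "jwks_uri":
            if not isinstance(value, str) or urlsplit(value).scheme != "https":
                raise ValueError(f"{key} is not an https URL")
    return meta


if __name__ == "__main__":
    print(metadata_url(ISSUER))
    print(sorted(validate_metadata(ISSUER, SAMPLE)))
```

A client that stores the validated endpoints keyed by the issuer it requested can later check that a response came from the server it started the flow with.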