Re: [OAUTH-WG] Call for adoption of "JWT Response for OAuth Token Introspection"

Phil Hunt <phil.hunt@oracle.com> Fri, 20 July 2018 15:40 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/ca0YYNUfsZjiAO5PqDHuht_qUGI>

+1 adoption

I have always been concerned about clients doing introspection. Use of JWT helps because responses are further restricted rather than less (JWE).

Phil

> On Jul 20, 2018, at 7:25 AM, Rob Otto <robotto=40pingidentity.com@dmarc.ietf.org> wrote:
> 
> I support this as well 
> 
>> On Fri, 20 Jul 2018 at 15:22, Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org> wrote:
>> +1 
>> 
>>> On Thu, Jul 19, 2018 at 1:51 PM, William Denniss <wdenniss=40google.com@dmarc.ietf.org> wrote:
>>> I support adoption of this document by the working group.
>>> 
>>> 
>>>> On Thu, Jul 19, 2018 at 10:43 AM, Rifaat Shekh-Yusef <rifaat.ietf@gmail.com> wrote:
>>>> Hi all,
>>>> 
>>>> This is the call for adoption of the 'JWT Response for OAuth Token Introspection' document following the presentation by Torsten at the Montreal IETF meeting where we didn't have a chance to do a call for adoption in the meeting itself.
>>>> 
>>>> Here is the presentation by Torsten:
>>>> https://datatracker.ietf.org/meeting/102/materials/slides-102-oauth-sessa-jwt-response-for-oauth-token-introspection-00
>>>> 
>>>> Here is the document:
>>>> https://tools.ietf.org/html/draft-lodderstedt-oauth-jwt-introspection-response-01
>>>> 
>>>> Please let us know by August 2nd whether you accept / object to the adoption of this document as a starting point for work in the OAuth working group.
>>>> 
>>>> Regards,
>>>> Hannes & Rifaat
>>>> 
>>>> _______________________________________________
>>>> OAuth mailing list
>>>> OAuth@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/oauth
>>>> 
>>> 
>>> 
>> 
>> 
>> CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited...  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.
> 
> 
> -- 
> 					
> Rob Otto	
> EMEA Field CTO/Solutions Architect								
> robertotto@pingidentity.com	
> 	
> c: +44 (0) 777 135 6092