IETF Logo Mail Archive

[OAUTH-WG] RFC 9068

"Lee, Matt D" <Matt.Lee@kbslp.cloud> Tue, 08 October 2024 20:41 UTC

Return-Path: <prvs=70112238db=matt.lee@kbslp.cloud>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 080F5C180B4A for <oauth@ietfa.amsl.com>; Tue, 8 Oct 2024 13:41:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.091
X-Spam-Level:
X-Spam-Status: No, score=-2.091 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kbslp.cloud
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9kDk-hO86Csh for <oauth@ietfa.amsl.com>; Tue, 8 Oct 2024 13:41:44 -0700 (PDT)
Received: from mx0a-00164e01.pphosted.com (mx0a-00164e01.pphosted.com [67.231.148.85]) by ietfa.amsl.com (Postfix) with ESMTP id 12302C15198B for <oauth@ietf.org>; Tue, 8 Oct 2024 13:41:43 -0700 (PDT)
Received: from pps.filterd (m0044340.ppops.net [127.0.0.1]) by mx0a-00164e01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 498JXslR027558 for <oauth@ietf.org>; Tue, 8 Oct 2024 15:41:43 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kbslp.cloud; h= content-type:date:from:message-id:mime-version:subject:to; s= 00164e01; bh=KnRwneJzV8onQz7wTOQvYE+u6PIIY+tQlt/h9J+mODM=; b=Rwt J8EmUzao331/s9uJEnkDN3zGFj0ZMTzabJCxGZOjrrFEtNT4RlD4YZkv58Zf37yK D+jVMs/pBC8hSZYHrZEZx6wNpIZNp9MZlS3BANe3DGo77LQr5h4wb7Et+d/4NCx7 KXTbdeeAQvKBm8gVWEHU9vt6Y+iEDQxNeF9uPEHGQCDnoK03gWatom966SSyZsjt uuaEEj02wdic13qzjHQ/z8Ws3quwTg6phalXQW6l3Zp0DuELii7FHknYoTkZANMm 23m7sOp9itzHlPZG7d3lOdBF4sH9yap5TmeybX5I4nB1SqxFo5DL91dC8AN1V+Ba KM13FwG9LG6mF7ujkwQ==
Received: from nam10-mw2-obe.outbound.protection.outlook.com (mail-mw2nam10lp2047.outbound.protection.outlook.com [104.47.55.47]) by mx0a-00164e01.pphosted.com (PPS) with ESMTPS id 424kcj82cu-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <oauth@ietf.org>; Tue, 08 Oct 2024 15:41:43 -0500 (CDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=O8ke820LmsPCp/y6qVxAouNuSyxYm3Ch13Rm/SRP7RK0HEpqAjWFjer7qgTw5yywGP5trz39eP8/wKiyB5z0qM10UXvS7rO05A+W+mmXh9ELza1G4kXThxseeGDFZBI6gL3a4TX2iTGtosu+VgSDMVuk/TrWov51fGF+ZC0schAphYHBGS2NBOMZqU6PIXuIZAyHAOnfBcqS2h6wbrEHisceyn/zT3EPe9r0+X2BKzNJ/AySiT/w6WMbob2T3hL7EQ6ns4oqzui+NJkjPZEXYyvwJVQN9GWfN0KLYZ0n5+9hJtyJvqlSQomsBX3KdqNOxVGH7bUWIYiuTvKOJvDXew==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=KnRwneJzV8onQz7wTOQvYE+u6PIIY+tQlt/h9J+mODM=; b=QUyvFCHXJxm4323Lp4LSPeO7/E3WWIZ2ydQ4ZrXTwgmq1wuat4r25+hU7XlIrGVCZs+U8D+yK6iUSWfBmySJOJ61tIEX+RvjVrA6uqf22AHvHepNLdLi+kS7yRKUcOFWWsZ2+X3FbwSDNI7Ei8Zyah7Q/gM3YEHDxD47kvPosDC+Bai/lhHMXyCzx8SEHbq2OHX8tK5KtOaMHmxHkjwOQTncdiXPumvzSyNFAzf5HB6piwfpcgCwbT5fCPjfXnwiVA0qffixlHF9N0XPNHY4PkG41vD6fz1KQkC3oyHPGdyEyitjfsXKkUTNVHJFuWHUCu9PY1pvwIumO1vSsg9O1A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=kbslp.cloud; dmarc=pass action=none header.from=kbslp.cloud; dkim=pass header.d=kbslp.cloud; arc=none
Received: from DM4PR15MB5503.namprd15.prod.outlook.com (2603:10b6:8:bc::17) by DS0PR15MB5447.namprd15.prod.outlook.com (2603:10b6:8:c9::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8026.23; Tue, 8 Oct 2024 20:41:24 +0000
Received: from DM4PR15MB5503.namprd15.prod.outlook.com ([fe80::b648:dc0b:adf:684f]) by DM4PR15MB5503.namprd15.prod.outlook.com ([fe80::b648:dc0b:adf:684f%3]) with mapi id 15.20.8026.020; Tue, 8 Oct 2024 20:41:24 +0000
From: "Lee, Matt D" <Matt.Lee@kbslp.cloud>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: RFC 9068
Thread-Index: AQHbGcB/55V0SnvLfEqC3lTstd9zRw==
Message-ID: <DM4PR15MB5503161F3F1BB3A66F53264F8D7E2@DM4PR15MB5503.namprd15.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DM4PR15MB5503:EE_|DS0PR15MB5447:EE_
x-ms-office365-filtering-correlation-id: ca10bdfd-e3b9-41e7-d4ea-08dce7d9934e
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|376014|366016|38070700018;
x-microsoft-antispam-message-info: 1TE+KQ0o70kTj40UBbfK9qltH+x77UHVN7DC/QBmLdMN5Kt/NVZMn03HF2RpQJgk/ptShfgheta6GH4UGX2FmvxYJviARSI4V72nbU70Q+mlCLQ1epG+5ZnjvN3zL37e3V+v2sQE2yWX4JFdPlFYE+HdVEKJbEsFPJQUH6mnQFF1o31RAQ9fprJV8z1WuSPiYzafgg/FE+446O9k9xqCCZPGd2dD0nsqGwzIxnsqoncGsBHJMQuEGs+Mr9x8tQI7USE27EUCw0Y5qbQwuvnThjiDbAho+e7NQJzVzJYUW1SEdvY+TE5DaWY0mqelEgbKU5LYFmGl0JFtWJK++P47bCuEqS3rzQHtfBm32biil4jkzyAxOoI4z7yw/Xtd4gSItY8IiKVS6QgtO6n7UC92T7itf5zl+FqN4COKo8qP1OgwJ7kENmPKFvgmrv0fOWjOL7KoiCWTFqUvmBolznkT8tqDP9gt21Tj8FzL4sR/aB8qVgJpopA3uVHv5MIqPHyCdsTWN8bhi+CQH3cVJe8RWPWai6PZS6GK6rIAzqeGLY7TETDzwc2LfuGLhZ0uOu7DD5aGx20vsr67l9YSz13tcFCs6XNp/flYY2GvwczjZfEii9ue2oo5nmd3euf7H722EFbE45VO6cK3Bo/FDIkHP9WVnpnxHOFQZnH9xbTuSmOoeyIurSTHH6FfTv3c8sr+ZHrK9dqO6NNZ2lo6YDoX2M+MWk24w3/gbs7dFcfxdHhPEYXL9zVUhVx5a12y0sNLujd5CTIReGB0XD/DM49UAkzx8QjHeaG+h+G9Tv3g2nLyi5YDajQ9lgGWKXZt22GPxZ63RcqNn5F1vEIWP5JrSuiheMZANipu5AlzH6A13aaFHb0ffzLb/7NakRqUL8iwbpWLl2SdIMTEbPQKk9GywRClYFvaIWQT177Nhq9oVo+3l5mP0Mld0bU1SCiH32hipk6AuZtK4IKLay3+gteVYw4NFhhDk9QgkP7VjABwIhwtVNk+5HlovGLS0fw7t0BaYJqrOIkakJ5ctPT+91G1mSzH8MBcRf1DVn6/uu4KFu4VLSQWxic/bYUOIwXToxRqTk8SYeNoPXb0mitox4dr+MSd/0v18r/jVMVL3kt9wFav+Tyatl6GGaWYuwpXjObSbnTEjYO2CFLvGpiohlOAxww17eTkMw56Bol9juZCyexKx9XRmAppAujuVOz4NaXJzFOeoaqeefGkQ3HPIkAsohEHizSfRnIJk+EirGfO48y5P0Fs/dDvyVng54bW+OhDuAjySsvGPvwthOUHmssWbApUBLkG6sw4k2/aMPt/6NPd2/XM0u6Q18Owf/gIUQzBoafVxcoeYNBBh9SOcdFNyA==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM4PR15MB5503.namprd15.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(376014)(366016)(38070700018);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: eV/OJ1PbERsrD84l2TgFNnFInNSusp/aed2CUGTFs+YxGG7bDXeEQ/fjHb6mH0Pk232J7gY5qxeWih4rhlDbciA0WaTy4a9rbEqGSNj22anB7dARZ4bDIF/7f2APjoTLWzV3SEA5eMvbtkjZbH+0ckVtD+epu4jHMAaC9rZd4tHBexVaBg5qCFrlr9/4E6vzgx4D8/Xgue+GUySJ1S0lrdJ5E+XqEn1MXYg2fV29fjQYetdcLk+u8jAumm0VZjh2hXVbIrLxnbUSGqiPUSJyb25hC+TRLzNZJBibgPS7XA59+ZSF4pWi8YlCYObrGSyiNUgOIDW+H4I7vGi0U8kU1zYKH/ii9c3zHw4VtJ7P8kO8c+c/2Okz1WbuplSy2VmkBXRIf2dezEmxM7PGXBSCO1vxCzw6HZZ7l/P9CBHGgWsLDhuTeYUbibDL8DCYdkO3czuIuN6x55+5X1YbByGgskjf1qwxgDJ4VzIKveQRsD84BGgy/d0EonoJ/UFPBl7dQLTVVYdwDJo5Lth+b2FbCsOXZKGLEItSiYHb9Y4ymqGvlz4E24nGs84DonfMYrTWhQc1n4Qur+vY2dAmivLvz0dCeIYakHxb+lcf+pB1WXEl61EwUU1EW6sFxp36ET0CCA3H3ekHZ9kuNXa4GskCt/rkM2TbvOPYH4R4lc4Gr4/B5mM76S95pMPXSl0SGfwcEmyewSDWuzojqNl/gCZ9mEOGmexT5Mxrx0AhxNEgMcRCqm6Aq39BMJDQROdOGTdZo3Z0ma+aPMd//oj7/RVHBGoxB3b0hUWqoQ1quUaaun2XFgEFt4GihJbTXhi7Xfhz8NHO/nFIckK0PrtnEfUWES/vsBZHs4GN1HM97LZOWifa5OUF3ReUkLDqBCBQS0CzdjRMqvNKHX054N3X9f+pLsxNptvjKcMBn3dNw7ZOG/WDPOMEM1yT6I7uqiinpa4gN6FH+FW7O0e16hKAX0JukPFi8FU1wDVSiiFD7RjbFxExT/oE+D6jvfgFLL2Zr0trLByTCxRjK2K9O4TbX+4y96Qt48z1Cy/D/+DYdx/HdIJY6ybSmDWAdzTR4yZouZDe2Yt06+7/nNngk4p/wQPZV5N/+9R5Ydt93Ijh10YcOxG3kHwh0mbGO5IEjKdW3MSDOxQMRpKc+lDvideKFpxG/749fnK6Jj1pB7XnJ7Z022Tk6n8ua+SvTwdQJfKIKmCO25C+J7LxC4AySI9H6OMqoG6TLZHnAEgosS+hb5ulaADcNAFzNnY/u65VZrZPxesYQJ8rqQXPnI2M1wmOvRzRpIesREv1/XrbjKjFoqm2hv+opvE3sIkXIvyrRt7YpZbCwZcPAsv4DASTMnOtaFdACenYTjP/wHSOTp64pvATbpTCc8IBweIxVY2LZkyWtMqlDnx0MgInk2neXckWAiqOZLXEw4XN8zfScpGk3DBaosTGFEaqOKEniOYB/+LBpqmkQa5d50IJW8xtDykfnNPYFZU5fZ3SBiAmgtVmwTSwpiHxwszx7fhy9hIBR0kGy9sKOr2Ab4z1Tj72ita8c6cvc/UgtaDfIy5M52CQjdkwI3E7in4Nhy4PGqbLvpkCi77q50gyV0l1vro7yJGuA5nLsg==
Content-Type: multipart/alternative; boundary="_000_DM4PR15MB5503161F3F1BB3A66F53264F8D7E2DM4PR15MB5503namp_"
MIME-Version: 1.0
X-OriginatorOrg: kbslp.cloud
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM4PR15MB5503.namprd15.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ca10bdfd-e3b9-41e7-d4ea-08dce7d9934e
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Oct 2024 20:41:24.4568 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 101ce67d-13f2-447a-bb65-0989b89dfdb4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: NDcr8IJ4c5AYGtH5biq5BgokZVHmdnpJSpswDc9uuYlPzcupzoCMpAAUkfPgD3UwXhL/FgcQ3Ecwm7yIx5c/nQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR15MB5447
X-MS-Exchange-CrossPremises-AuthAs: Internal
X-MS-Exchange-CrossPremises-AuthMechanism: 04
X-MS-Exchange-CrossPremises-AuthSource: DM4PR15MB5503.namprd15.prod.outlook.com
X-MS-Exchange-CrossPremises-TransportTrafficType: Email
X-MS-Exchange-CrossPremises-SCL: 1
X-MS-Exchange-CrossPremises-messagesource: StoreDriver
X-MS-Exchange-CrossPremises-BCC:
X-MS-Exchange-CrossPremises-originalclientipaddress: 165.225.36.185
X-MS-Exchange-CrossPremises-transporttraffictype: Email
X-MS-Exchange-CrossPremises-antispam-scancontext: DIR:Originating;SFV:NSPM;SKIP:0;
X-MS-Exchange-CrossPremises-processed-by-journaling: Journal Agent
X-OrganizationHeadersPreserved: DS0PR15MB5447.namprd15.prod.outlook.com
X-Proofpoint-GUID: qw7DcncmV4mQFSKZ-ho39n88SJecM_h4
X-Proofpoint-ORIG-GUID: qw7DcncmV4mQFSKZ-ho39n88SJecM_h4
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1051,Hydra:6.0.680,FMLib:17.12.62.30 definitions=2024-10-05_03,2024-10-04_01,2024-09-30_01
X-Proofpoint-Spam-Details: rule=outbounddefaultpolicy_notspam policy=outbounddefaultpolicy score=0 clxscore=1011 priorityscore=1501 phishscore=0 suspectscore=0 malwarescore=0 adultscore=0 mlxlogscore=632 impostorscore=0 spamscore=0 lowpriorityscore=0 mlxscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2409260000 definitions=main-2410080133
X-MailFrom: prvs=70112238db=matt.lee@kbslp.cloud
X-Mailman-Rule-Hits: nonmember-moderation
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0
Message-ID-Hash: ESWRQCKNISKG4WE7KMHTH5YUCZX5JQD3
X-Message-ID-Hash: ESWRQCKNISKG4WE7KMHTH5YUCZX5JQD3
X-Mailman-Approved-At: Thu, 10 Oct 2024 00:41:24 -0700
X-Mailman-Version: 3.3.9rc5
Precedence: list
Subject: [OAUTH-WG] RFC 9068
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/d_qKto2YDxhK4Pghq4nIoMUsFVc>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>
Date: Tue, 08 Oct 2024 20:43:31 -0000
X-Original-Date: Tue, 8 Oct 2024 20:41:24 +0000

First, my sincerest condolences regarding the loss of Vittorio Bertocci, someone who had an astonishing impact on the industry and community at large.

I was reminded of this loss today as I was having a conversation with some peers about the optional nature of the sub claim in JWTs used in OAuth grants. After we searched for guidance we found this proposed standard from Vittorio that would move sub from optional to required, and wondered if anyone was picking this up now that he has passed.

Thank you


Matt Lee | KGS Enterprise Architect

v2.39.1 | Report a Bug | By Email | System Status