Re: [OAUTH-WG] Alexey Melnikov's Discuss on draft-ietf-oauth-amr-values-05: (with DISCUSS and COMMENT)

Mike Jones <Michael.Jones@microsoft.com> Thu, 02 February 2017 18:05 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: Alexey Melnikov <aamelnikov@fastmail.fm>, The IESG <iesg@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/eEcS2FC1Z7IRgxohX8STr9_yF8Q>
Cc: "oauth-chairs@ietf.org" <oauth-chairs@ietf.org>, "draft-ietf-oauth-amr-values@ietf.org" <draft-ietf-oauth-amr-values@ietf.org>, "oauth@ietf.org" <oauth@ietf.org>

I was planning to stay with the characters specified in 6.1 (a) https://tools.ietf.org/html/draft-ietf-oauth-amr-values-05#section-6.1:

   a.  require that Authentication Method Reference values being
       registered use only printable ASCII characters excluding double
       quote ('"') and backslash ('\') (the Unicode characters with code
       points U+0021, U+0023 through U+005B, and U+005D through U+007E),

That excludes space.  That's the set taken from RFC 7638, Section 6 https://tools.ietf.org/html/rfc7638#section-6, which is a very related usage.

Space is excluded because sometimes in OAuth messages, values are represented as space-separated strings.

				-- Mike

-----Original Message-----
From: Alexey Melnikov [mailto:aamelnikov@fastmail.fm] 
Sent: Thursday, February 2, 2017 7:07 AM
To: Mike Jones <Michael.Jones@microsoft.com>; The IESG <iesg@ietf.org>
Cc: draft-ietf-oauth-amr-values@ietf.org; Hannes Tschofenig <Hannes.Tschofenig@gmx.net>; oauth-chairs@ietf.org; oauth@ietf.org
Subject: Re: Alexey Melnikov's Discuss on draft-ietf-oauth-amr-values-05: (with DISCUSS and COMMENT)

Hi Mike,

On Thu, Feb 2, 2017, at 03:05 PM, Mike Jones wrote:
> I'd be OK limiting the protocol elements to using ASCII characters, if 
> that would be the IESG's preference.

I think that would be much simpler for everybody.

I still want to confirm that spaces are allowed in names. Can you confirm?

> 
> -----Original Message-----
> From: Alexey Melnikov [mailto:aamelnikov@fastmail.fm]
> Sent: Thursday, February 2, 2017 12:06 AM
> To: The IESG <iesg@ietf.org>
> Cc: draft-ietf-oauth-amr-values@ietf.org; Hannes Tschofenig 
> <Hannes.Tschofenig@gmx.net>; oauth-chairs@ietf.org; 
> Hannes.Tschofenig@gmx.net; oauth@ietf.org
> Subject: Alexey Melnikov's Discuss on draft-ietf-oauth-amr-values-05:
> (with DISCUSS and COMMENT)
> 
> Alexey Melnikov has entered the following ballot position for
> draft-ietf-oauth-amr-values-05: Discuss
> 
> When responding, please keep the subject line intact and reply to all 
> email addresses included in the To and CC lines. (Feel free to cut 
> this introductory paragraph, however.)
> 
> 
> Please refer to 
> https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-oauth-amr-values/
> 
> 
> 
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
> 
> This is a fine document and I support its publication. However I have 
> a small set of issues that I would like to discuss first.
> 
> Are non-ASCII names needed? (This is a protocol element, not a
> human-readable string, so non-ASCII is not needed). Are ASCII spaces
> allowed in names? More generally: what do you call a printable character?
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> In Section 6.1: suggestion to first describe IANA registration policy, 
> then describe restrictions on registered names. Otherwise the current 
> text doesn't flow well.
> 
> I am also agreeing with Stephen's DISCUSS.
> 
>
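
The Section 6.1 (a) character set quoted in the message above, and the reason given there for excluding space, as an added Python example that is not part of the original thread or the draft. The function names and sample values are constructed for illustration.

```python
import re

# Section 6.1 (a): U+0021, U+0023 through U+005B, U+005D through U+007E,
# i.e. printable ASCII without space, double quote and backslash.
AMR_VALUE_RE = re.compile(r"[\x21\x23-\x5B\x5D-\x7E]+")


def is_registrable_amr_value(value):
    """True if the value is non-empty and uses only the permitted characters.

    fullmatch() is used instead of match()/'$' so that a trailing newline
    or any other stray character cannot slip through.
    """
    return AMR_VALUE_RE.fullmatch(value) is not None


def rejected_chars(value):
    """List the offending characters as U+XXXX strings, for error messages."""
    return [f"U+{ord(c):04X}" for c in value if not AMR_VALUE_RE.fullmatch(c)]


def join_values(values):
    """Serialize values as one space-separated string, refusing invalid ones."""
    for v in values:
        if not is_registrable_amr_value(v):
            raise ValueError(f"invalid value {v!r}: {rejected_chars(v)}")
    return " ".join(values)


def split_values(serialized):
    """Parse a space-separated string back into its values."""
    return serialized.split(" ")


def naive_round_trip(values):
    """Join and split with no validation, to show what the rule prevents."""
    return " ".join(values).split(" ")


if __name__ == "__main__":
    # Constructed sample values.
    print(split_values(join_values(["pwd", "otp"])))   # two values in, two out
    print(naive_round_trip(["face scan", "pwd"]))      # two values in, three out
    print(rejected_chars('face scan"\\'))              # space, quote, backslash
```

A value containing a space cannot survive a space-separated encoding: the receiver sees three tokens where the sender meant two, which is why the check runs before serialization.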