Re: [OAUTH-WG] Fwd: I-D Action: draft-ietf-oauth-token-exchange-04.txt
Thomas Broyer <t.broyer@gmail.com> Sat, 05 March 2016 02:59 UTC
Return-Path: <t.broyer@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D9E491B38CD for <oauth@ietfa.amsl.com>; Fri, 4 Mar 2016 18:59:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dJmpychrWh0v for <oauth@ietfa.amsl.com>; Fri, 4 Mar 2016 18:59:37 -0800 (PST)
Received: from mail-lb0-x22c.google.com (mail-lb0-x22c.google.com [IPv6:2a00:1450:4010:c04::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B2EEA1B38C6 for <oauth@ietf.org>; Fri, 4 Mar 2016 18:59:36 -0800 (PST)
Received: by mail-lb0-x22c.google.com with SMTP id cf7so64234483lbb.1 for <oauth@ietf.org>; Fri, 04 Mar 2016 18:59:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=hUQ4eznTgwcYRd2yvYOGY4xcS+nzl5+XXC4Xdk62pWs=; b=BC68xgmHNvxEEgSLudlRH5FMDj7oQvKnnJIXqKPOmxIUzzr/S9KqGpn+xTdUkVMUck PX8ZEVRSU5acCwnKKZGbEMQGsQkQAuM1HyHbkeoEFKIRaUx7J2xlgXcmsR5kdutpJkLr 4lTkWpbdupiPhq38NEVDj+AoSTXQY87lbxs5o2c/qCXQgn/jL7UY6Q+RHokH+sbS8fV9 zDJYLgYdMzCex3d/0yBMcevueyyeHoe3oqsj3tF8zbmIm2kKMfyoIsVeyB6pzZWgFptc hKH2ASu90V553V6kIkGsQOcO8BYB4ZWA3ttmq1SoyMRbJcETWwAobOpKN5u3EQsGApja NC9g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=hUQ4eznTgwcYRd2yvYOGY4xcS+nzl5+XXC4Xdk62pWs=; b=EvuB5uZ6+BUc9wzAOeJoG0nCdJVdhv6kygZdnOAq2oBFu1fWwcQHJdZLqWOXmGx7ox 9msv1yNM4SSGthVHMDvkxwIuASTI2I1APzdSpqueOfEufmm0YmBLl7t+RkRyZPgsdAWW HZw0sfFiuzMNJFbOhJycE7uNuu17WKUT7ttXaEVhTwQkoaHpA7DVNQLzWysf7ympLUwW lNyt3omwB7BCCS2jRjC+Jm4brtJZBqL+3Pf4bjZRI45zwSgiIcT9NpDzLehU6U5cZr1Y q6yBkD13F+VfLJrKp1u0ZxNORvesvn8HXM8TZbNJak6SFLg4nlShOW9mBIsoNe9Q6P+B E7QA==
X-Gm-Message-State: AD7BkJKBqDqoXyyEMrEceTMsGwaTL+G5pBkFnKj6XI/qEpxEgRBPj+M/sCC1qd0MptG/NqZ/cFmv/Qd6kMMl4A==
X-Received: by 10.112.140.129 with SMTP id rg1mr4385160lbb.80.1457146774981; Fri, 04 Mar 2016 18:59:34 -0800 (PST)
MIME-Version: 1.0
References: <20160304195722.15295.99595.idtracker@ietfa.amsl.com> <CA+k3eCS3WPDUaVnoMv9FnSjQWcm7JZduQ=RTsVTCnYjsA9Rr+Q@mail.gmail.com>
In-Reply-To: <CA+k3eCS3WPDUaVnoMv9FnSjQWcm7JZduQ=RTsVTCnYjsA9Rr+Q@mail.gmail.com>
From: Thomas Broyer <t.broyer@gmail.com>
Date: Sat, 05 Mar 2016 02:59:25 +0000
Message-ID: <CAEayHEM_YuXVMeHySdY9tz6CJWb4zUPFzU8szXEF5+38MTnLPw@mail.gmail.com>
To: Brian Campbell <bcampbell@pingidentity.com>, oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="001a11c26ba8e89675052d446bcd"
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/gZkJLf0HhnMkyBlIon3fkwTnBR0>
Subject: Re: [OAUTH-WG] Fwd: I-D Action: draft-ietf-oauth-token-exchange-04.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Mar 2016 02:59:40 -0000
Should the act and may_act also be registered for Introspection Endpoint responses? Le ven. 4 mars 2016 21:13, Brian Campbell <bcampbell@pingidentity.com> a écrit : > > A new draft of "OAuth 2.0 Token Exchange" has been published addressing > review comments on the prior draft. The changes from -03 are listed here: > > https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-04 > > o Clarified that the "resource" and "audience" request parameters > can be used at the same time (via http://www.ietf.org/mail- <http://www.ietf.org/mail-archive/web/oauth/current/msg15335.html> > archive/web/oauth/current/msg15335.html <http://www.ietf.org/mail-archive/web/oauth/current/msg15335.html>). > o Clarified subject/actor token validity after token exchange and > explained a bit more about the recommendation to not issue refresh > tokens (via http://www.ietf.org/mail-archive/web/oauth/current/ <http://www.ietf.org/mail-archive/web/oauth/current/msg15318.html> > msg15318.html <http://www.ietf.org/mail-archive/web/oauth/current/msg15318.html>). > o Updated the examples appendix to use an issuer value that doesn't > imply that the client issued and signed the tokens and used > "Bearer" and "urn:ietf:params:oauth:token-type:access_token" in > one of the responses (via http://www.ietf.org/mail- <http://www.ietf.org/mail-archive/web/oauth/current/msg15335.html> > archive/web/oauth/current/msg15335.html <http://www.ietf.org/mail-archive/web/oauth/current/msg15335.html>). > o Defined and registered urn:ietf:params:oauth:token-type:id_token, > since some use cases perform token exchanges for ID Tokens and no > > > > ---------- Forwarded message ---------- > From: <internet-drafts@ietf.org> > Date: Fri, Mar 4, 2016 at 12:57 PM > Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-token-exchange-04.txt > To: i-d-announce@ietf.org > Cc: oauth@ietf.org > > > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Web Authorization Protocol of the IETF. > > Title : OAuth 2.0 Token Exchange: An STS for the REST of > Us > Authors : Michael B. Jones > Anthony Nadalin > Brian Campbell > John Bradley > Chuck Mortimore > Filename : draft-ietf-oauth-token-exchange-04.txt > Pages : 28 > Date : 2016-03-04 > > Abstract: > This specification defines a protocol for a lightweight HTTP- and > JSON- based Security Token Service (STS) by defining how to request > and obtain security tokens from OAuth 2.0 authorization servers, > including security tokens employing impersonation and delegation. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-oauth-token-exchange/ > > There's also a htmlized version available at: > https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-04 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-token-exchange-04 > > > Please note that it may take a couple of minutes from the time of > submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >
- [OAUTH-WG] I-D Action: draft-ietf-oauth-token-exc… internet-drafts
- [OAUTH-WG] Fwd: I-D Action: draft-ietf-oauth-toke… Brian Campbell
- Re: [OAUTH-WG] Fwd: I-D Action: draft-ietf-oauth-… Thomas Broyer
- Re: [OAUTH-WG] Fwd: I-D Action: draft-ietf-oauth-… Brian Campbell