IETF Logo Mail Archive

Re: [OAUTH-WG] Dynamic Client Registration: jwks / jwks_uri

Hannes Tschofenig <hannes.tschofenig@gmx.net> Mon, 14 July 2014 18:36 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A124A1A0027 for <oauth@ietfa.amsl.com>; Mon, 14 Jul 2014 11:36:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.551
X-Spam-Level:
X-Spam-Status: No, score=-2.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KGqftofEHf-w for <oauth@ietfa.amsl.com>; Mon, 14 Jul 2014 11:36:53 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.18]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 31C021A002B for <oauth@ietf.org>; Mon, 14 Jul 2014 11:36:53 -0700 (PDT)
Received: from [172.16.254.119] ([80.92.116.212]) by mail.gmx.com (mrgmx002) with ESMTPSA (Nemesis) id 0LtaDM-1WNq3c2mwe-010y8g; Mon, 14 Jul 2014 20:36:44 +0200
Message-ID: <53C4233B.7090403@gmx.net>
Date: Mon, 14 Jul 2014 20:36:43 +0200
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: Mike Jones <Michael.Jones@microsoft.com>, Brian Campbell <bcampbell@pingidentity.com>, John Bradley <ve7jtb@ve7jtb.com>
References: <53BBDF5B.3020904@gmx.net> <4E1F6AAD24975D4BA5B16804296739439ADA0841@TK5EX14MBXC294.redmond.corp.microsoft.com> <2CAA155D-E87E-4465-9110-C142D7085A56@ve7jtb.com> <CA+k3eCSmhKor+N-H8gt_GtQ7-4b1tVjS2n+hUpOmOawJWThBMQ@mail.gmail.com> <53C3A5F2.908@gmx.net> <4E1F6AAD24975D4BA5B16804296739439ADA8D92@TK5EX14MBXC294.redmond.corp.microsoft.com> <53C41721.7020607@gmx.net> <4E1F6AAD24975D4BA5B16804296739439ADA9143@TK5EX14MBXC294.redmond.corp.microsoft.com> <53C41A08.7010203@gmx.net> <4E1F6AAD24975D4BA5B16804296739439ADA9190@TK5EX14MBXC294.redmond.corp.microsoft.com>
In-Reply-To: <4E1F6AAD24975D4BA5B16804296739439ADA9190@TK5EX14MBXC294.redmond.corp.microsoft.com>
X-Enigmail-Version: 1.5.2
OpenPGP: id=4D776BC9
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="1bU6RW3RlG3lu2jhNrsJS4FdetFB0VO3j"
X-Provags-ID: V03:K0:oBMJbwTTv0KMMmmK/hGtdUxlYL4oIUgW3tt9ZHvV9/O8Efxu3iy 6gntiyKZitKwLrdaWjx86XfG1HwqPCY1F9TAfq5DAsRuKnW9yh30VE1iFEN61Tc9bXZUyKB wcjEYFxRThaIaMd1I+i1lIM2vE/injas4zuhvq7SBMJdo+/yeDHENGX43vzw3WCfbWnhXs8 0bWl8Js1a13HYBmQkNrlg==
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/i8qN0UamAUrhyXr2Kq0HPj9pHq8
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Dynamic Client Registration: jwks / jwks_uri
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Jul 2014 18:36:54 -0000

Hi Mike,

there is no problem referencing an individual draft particularly when
that reference gives some hint about how the stuff is used (particularly
when the referenced document might be a working group draft at the time
when the dynamic client registration document gets published as an RFC).

In this specific case I haven't even thought about that
draft-sakimura-oauth-requrl-05...

Ciao
Hannes

On 07/14/2014 07:59 PM, Mike Jones wrote:
> I'm not suggesting that we reference it.  We reference JWT using the language I already provided.  I was just giving you another example of a signed JWT sent to the authorization server, since you couldn't think of any off the top of your head.
> 
> -----Original Message-----
> From: Hannes Tschofenig [mailto:hannes.tschofenig@gmx.net] 
> Sent: Monday, July 14, 2014 10:57 AM
> To: Mike Jones; Brian Campbell; John Bradley
> Cc: oauth@ietf.org
> Subject: Re: [OAUTH-WG] Dynamic Client Registration: jwks / jwks_uri
> 
> That would then be a reference to an individual draft ;-)
> 
> On 07/14/2014 07:55 PM, Mike Jones wrote:
>> One example is when used as a signed request to the authorization server, as is done in http://tools.ietf.org/html/draft-sakimura-oauth-requrl-05.
>

v2.23.0 | Report a Bug | By Email