IETF Logo Mail Archive

Re: [OAUTH-WG] Alexey Melnikov's Discuss on draft-ietf-oauth-discovery-08: (with DISCUSS and COMMENT)

Mike Jones <Michael.Jones@microsoft.com> Sun, 28 January 2018 15:23 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7A86C12ECC3; Sun, 28 Jan 2018 07:23:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.02
X-Spam-Level:
X-Spam-Status: No, score=-2.02 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oRLUiw98qjhA; Sun, 28 Jan 2018 07:23:00 -0800 (PST)
Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-sn1nam01on0139.outbound.protection.outlook.com [104.47.32.139]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 993F912ECB6; Sun, 28 Jan 2018 07:23:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=VVxLeT0aLaRX8fIvPWiq/9Yjo0f5fk3I19p/+FI/SI4=; b=iusETpbQlLJ/G06GT+bn8sTBlbTJkKT8ULirRCxvSQ8myCD0kP110Vn82igL9OYgfXqbN9A2cm1kKqqrbgyjOdADPAFher1JMB5Ag3/sr3Vzl3q1q0up2uCrR4FHaX7ExvSZftg+73XmTITTnc03p1UMi3Oht9a0jTXNWCfFjB8=
Received: from SN6PR2101MB0943.namprd21.prod.outlook.com (52.132.114.20) by SN6PR2101MB0894.namprd21.prod.outlook.com (52.132.116.159) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.485.0; Sun, 28 Jan 2018 15:22:58 +0000
Received: from SN6PR2101MB0943.namprd21.prod.outlook.com ([fe80::7068:47f5:3e1c:ce6a]) by SN6PR2101MB0943.namprd21.prod.outlook.com ([fe80::7068:47f5:3e1c:ce6a%6]) with mapi id 15.20.0485.000; Sun, 28 Jan 2018 15:22:58 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: The IESG <iesg@ietf.org>, Alexey Melnikov <aamelnikov@fastmail.fm>
CC: "draft-ietf-oauth-discovery@ietf.org" <draft-ietf-oauth-discovery@ietf.org>, "oauth-chairs@ietf.org" <oauth-chairs@ietf.org>, "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: [OAUTH-WG] Alexey Melnikov's Discuss on draft-ietf-oauth-discovery-08: (with DISCUSS and COMMENT)
Thread-Index: AQHTlOop6dUBqhyeJUqE43siwWseqKODkaAQgAXXNACAAAUYYA==
Date: Sun, 28 Jan 2018 15:22:58 +0000
Message-ID: <SN6PR2101MB0943DB73605F3ACAC6C85B4AF5E60@SN6PR2101MB0943.namprd21.prod.outlook.com>
References: <151678115299.24088.6785024209658543295.idtracker@ietfa.amsl.com> <DM5PR2101MB0934487B64A5CDA299AA529EF5E20@DM5PR2101MB0934.namprd21.prod.outlook.com>, <1517151884.2936052.1250819288.30846638@webmail.messagingengine.com>
In-Reply-To: <1517151884.2936052.1250819288.30846638@webmail.messagingengine.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [104.208.33.187]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; SN6PR2101MB0894; 7:AdBReUnPHO5qvrrR0QivBavcLLJPM+NMelzr+UvqSZgWJB6WegFlEYFhvN6lVgy1DDkIPnUZX9hGjtENhS7JjBbjLjFzNDQzCdx4Br1eS+o1XHPtBXuw/qrEVUrn7U5lTIUs1CpA0Bu+gcKcEg504zKoKpXRNtG1kNrSfPX1e+gvbcmAR/Om2fdMhVGOOmCIL9snRwyGfgazfC5IrtpBiRl12loldSCvpXrH6pl98823TH9ZKVis6q4n7/zgv29e
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: cbd17a1e-6783-4991-b249-08d566630375
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(4534165)(4627221)(201703031133081)(201702281549075)(48565401081)(5600026)(4604075)(3008032)(2017052603307)(7193020); SRVR:SN6PR2101MB0894;
x-ms-traffictypediagnostic: SN6PR2101MB0894:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Michael.Jones@microsoft.com;
x-microsoft-antispam-prvs: <SN6PR2101MB089415165972D9BCFADF7853F5E60@SN6PR2101MB0894.namprd21.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(120809045254105)(248736688235697);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(6040501)(2401047)(8121501046)(5005006)(3231101)(2400081)(944501161)(10201501046)(3002001)(93006095)(93001095)(6055026)(61426038)(61427038)(6041288)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(20161123560045)(20161123558120)(20161123562045)(6072148)(201708071742011); SRVR:SN6PR2101MB0894; BCL:0; PCL:0; RULEID:; SRVR:SN6PR2101MB0894;
x-forefront-prvs: 05669A7924
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39860400002)(376002)(346002)(396003)(39380400002)(366004)(51914003)(13464003)(189003)(199004)(54896002)(4326008)(3660700001)(7736002)(316002)(8666007)(6506007)(2906002)(53546011)(6306002)(5250100002)(26005)(102836004)(68736007)(9686003)(55016002)(86612001)(106356001)(10090500001)(8990500004)(25786009)(66066001)(74316002)(10290500003)(2900100001)(22452003)(33656002)(6246003)(2950100002)(345774005)(6436002)(478600001)(966005)(7696005)(186003)(14454004)(72206003)(81156014)(229853002)(76176011)(54906003)(5660300001)(8676002)(99286004)(3280700002)(97736004)(81166006)(3846002)(6116002)(8936002)(110136005)(86362001)(53936002)(105586002); DIR:OUT; SFP:1102; SCL:1; SRVR:SN6PR2101MB0894; H:SN6PR2101MB0943.namprd21.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: n/ilFU+hP9UFx6Up8P8ldFte087HiDgs+mQfZlU8lNL0wNLybimRv254ouQ7JuxycUPBzeJX5lpqcshGg7x6UQ==
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_SN6PR2101MB0943DB73605F3ACAC6C85B4AF5E60SN6PR2101MB0943_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: cbd17a1e-6783-4991-b249-08d566630375
X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Jan 2018 15:22:58.6562 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR2101MB0894
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/ix-JPODs7nHCDdNiTzNVJmsl9FY>
Subject: Re: [OAUTH-WG] Alexey Melnikov's Discuss on draft-ietf-oauth-discovery-08: (with DISCUSS and COMMENT)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Jan 2018 15:23:03 -0000

Your understanding matches with the intent of the language from RFC 7638. I'll plan to proceed on that basis then.

Thanks again,
-- Mike

From: Alexey Melnikov
Sent: Sunday, January 28, 7:04 AM
Subject: Re: [OAUTH-WG] Alexey Melnikov's Discuss on draft-ietf-oauth-discovery-08: (with DISCUSS and COMMENT)
To: Mike Jones, The IESG
Cc: draft-ietf-oauth-discovery@ietf.org, oauth-chairs@ietf.org, oauth@ietf.org


Hi Mike, On Wed, Jan 24, 2018, at 10:11 PM, Mike Jones wrote: > Thanks for the useful review, Alexey. I propose that we use the same > character restrictions that are described in > https://tools.ietf.org/html/rfc7638#section-6, which are: > > (a) require that member names being registered use > only printable ASCII characters excluding double quote ('"') and > backslash ('\') (the Unicode characters with code points U+0021, > U+0023 through U+005B, and U+005D through U+007E), This looks reasonable. > or > > (b) if new members are defined that use other code > points, require that their definitions specify the exact Unicode code > point sequences used to represent them. Furthermore, proposed > registrations that use Unicode code points that can only be > represented in JSON strings as escaped characters must not be > accepted. So just to double check: it is Ok to register names in Greek or Cyrillic (for example) and they will be compared in a case sensitive manner? > I also propose that we say that member name comparison occurs in the > manner described in https://tools.ietf.org/html/rfc7159#section-8.3. My understanding is that RFC 7159 recommends case-sensitive comparison and that is fine with me. > Will that work for you, Alexey? Best Regards, Alexey > > Thanks, > -- Mike > > -----Original Message----- > From: Alexey Melnikov [mailto:aamelnikov@fastmail.fm] > Sent: Wednesday, January 24, 2018 12:06 AM > To: The IESG > Cc: draft-ietf-oauth-discovery@ietf.org; Hannes Tschofenig > ; oauth-chairs@ietf.org; > Hannes.Tschofenig@gmx.net; oauth@ietf.org > Subject: Alexey Melnikov's Discuss on draft-ietf-oauth-discovery-08: > (with DISCUSS and COMMENT) > > Alexey Melnikov has entered the following ballot position for > draft-ietf-oauth-discovery-08: Discuss > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-oauth-discovery/ > > > > ---------------------------------------------------------------------- > DISCUSS: > ---------------------------------------------------------------------- > > Thank you for the well written IANA Considerations section. I have one > comment on it which should be easy to resolve: > > The document doesn't seem to say anything about allowed characters in > Metadata names. When the document talks about "case-insensitive > matching", it is not clear how to implement the matching, because it is > not clear whether or not Metadata names are ASCII only. If they are not, > then you need to better define what "case insensitive" means. > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > I am agreeing with Adam's DISCUSS. > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth

v2.23.0 | Report a Bug | By Email