Re: [OAUTH-WG] Fwd: New Version Notification for draft-lodderstedt-oauth-jwt-introspection-response-00.txt
"Brock Allen" <brockallen@gmail.com> Sun, 18 March 2018 19:40 UTC
Return-Path: <brockallen@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BCC0D129C6D for <oauth@ietfa.amsl.com>; Sun, 18 Mar 2018 12:40:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f9VjVm9m5d7v for <oauth@ietfa.amsl.com>; Sun, 18 Mar 2018 12:40:12 -0700 (PDT)
Received: from mail-qk0-x22b.google.com (mail-qk0-x22b.google.com [IPv6:2607:f8b0:400d:c09::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 72D3F129C59 for <oauth@ietf.org>; Sun, 18 Mar 2018 12:40:12 -0700 (PDT)
Received: by mail-qk0-x22b.google.com with SMTP id 132so16239776qkd.5 for <oauth@ietf.org>; Sun, 18 Mar 2018 12:40:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:date:message-id:subject:from:to:in-reply-to:references :user-agent; bh=ZqVNvYdYVGEp0rgy84dFHVC3KWvm/z8MLPhffovEYag=; b=Oq/nwwA+F1JLwlz/tHuFc/mrTSp+oU8LlwD4fuvqj6iAUezL9yh/HEIXYZ9ed0VSqC ioGIxlIpvQBTwR+fcpd0h8kA5ct0xmXbVX+rjrValjXSNoZzKxUcs0cHw93zX1uJou1t +gqUWm4b7QEEaBliwVtZOM3Lc/zW4f0lZu850ZEQHVcMNIEvtI3ffcwrToVAJzeuBuRK GNoVYMjUrsh+pQkIu/gB4ocvtU0kGHs79MLKUSyGoQLPAr77EXABZUnNJuSZbFPWhO6z PUrXw/KHfVbm8FnjmmaCWQyWd0Fwdm00ni6Gh/dCTobtIS74hOdhyMrh8tNiFP2PmUXO EhQg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:date:message-id:subject:from:to :in-reply-to:references:user-agent; bh=ZqVNvYdYVGEp0rgy84dFHVC3KWvm/z8MLPhffovEYag=; b=HOrxfd/+hiMffUa/NAu8J+Jkx0jS2iXviJC4MrWB/7DZgyOdHwFfrDLfjNF3r7FPES Xl37qNn6bsUOQIFIyCOuh0tsYlquV/KYb9Q4p9sEcrrvTl893Og/tIXyiA9YzmcIIlIW 09xH8bgCIwyR/3+qBKBurYnekHT9zgCxgtvHKOtEqRBWCyY2t7KLSiUNE5bsmyfFrbvb ktVEPZE7aa7j/aviuwf9e3bHTn9uJJnM+oJ85PPRfHVwr6S6DHbPrXw7DFcsEyxLH6l8 9MxweleqE73aMYmvm78rUXO6P5C2mgBHh7yhq2uLDjjSJy//OZrR0edRVrEK2EDy86BW 5EBg==
X-Gm-Message-State: AElRT7HLvP+7ln0siH6XPA3cqb+Fp4q6kPwnCKRxvU/Wo/k18c0AGJ8O JU0T/oTqo1ntbiky4VXH123BQsXk
X-Google-Smtp-Source: AG47ELt8HpgzDSToEXrQW+RZ7Lqz5Qw3m4r9/89QvkciavVH9MYOWPXcj/jcCAxYJ9BF30sPNtdyNw==
X-Received: by 10.55.143.199 with SMTP id r190mr14256996qkd.329.1521402011481; Sun, 18 Mar 2018 12:40:11 -0700 (PDT)
Received: from [10.0.1.2] ([24.38.185.147]) by smtp.gmail.com with ESMTPSA id b55sm9375078qta.27.2018.03.18.12.40.10 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 18 Mar 2018 12:40:10 -0700 (PDT)
Content-Type: multipart/alternative; boundary="----=_NextPart_21587636.773652091302"
MIME-Version: 1.0
Date: Sun, 18 Mar 2018 15:40:07 -0400
Message-ID: <308c1c61-a2ba-4e45-9fe6-9d525e554fb7@getmailbird.com>
From: Brock Allen <brockallen@gmail.com>
To: Torsten Lodderstedt <torsten@lodderstedt.net>, oauth@ietf.org
In-Reply-To: <2A1E98B8-973E-44F0-96F0-E319FD6969A8@lodderstedt.net>
References: <152140077785.15835.11388192447917251931.idtracker@ietfa.amsl.com> <2A1E98B8-973E-44F0-96F0-E319FD6969A8@lodderstedt.net>
User-Agent: Mailbird/2.5.1.0
X-Mailbird-ID: 308c1c61-a2ba-4e45-9fe6-9d525e554fb7@getmailbird.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/l0lXRBru5VjjmuKGNdRw4NRCGoI>
Subject: Re: [OAUTH-WG] Fwd: New Version Notification for draft-lodderstedt-oauth-jwt-introspection-response-00.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Mar 2018 19:40:15 -0000
Why is TLS to the intospection endpoint not sufficient? Are you thinking there needs to be some multi-tenancy support of some kind? -Brock On 3/18/2018 3:33:16 PM, Torsten Lodderstedt <torsten@lodderstedt.net> wrote: Hi all, I just submitted a new draft that Vladimir Dzhuvinov and I have written. It proposes a JWT-based response type for Token Introspection. The objective is to provide resource servers with signed tokens in case they need cryptographic evidence that the AS created the token (e.g. for liability). I will present the new draft in the session on Wednesday. kind regards, Torsten. Anfang der weitergeleiteten Nachricht: Von: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org] Betreff: New Version Notification for draft-lodderstedt-oauth-jwt-introspection-response-00.txt Datum: 18. März 2018 um 20:19:37 MEZ An: "Vladimir Dzhuvinov" <vladimir@connect2id.com [mailto:vladimir@connect2id.com]>, "Torsten Lodderstedt" <torsten@lodderstedt.net [mailto:torsten@lodderstedt.net]> A new version of I-D, draft-lodderstedt-oauth-jwt-introspection-response-00.txt has been successfully submitted by Torsten Lodderstedt and posted to the IETF repository. Name: draft-lodderstedt-oauth-jwt-introspection-response Revision: 00 Title: JWT Response for OAuth Token Introspection Document date: 2018-03-15 Group: Individual Submission Pages: 5 URL: https://www.ietf.org/internet-drafts/draft-lodderstedt-oauth-jwt-introspection-response-00.txt [https://www.ietf.org/internet-drafts/draft-lodderstedt-oauth-jwt-introspection-response-00.txt] Status: https://datatracker.ietf.org/doc/draft-lodderstedt-oauth-jwt-introspection-response/ [https://datatracker.ietf.org/doc/draft-lodderstedt-oauth-jwt-introspection-response/] Htmlized: https://tools.ietf.org/html/draft-lodderstedt-oauth-jwt-introspection-response-00 [https://tools.ietf.org/html/draft-lodderstedt-oauth-jwt-introspection-response-00] Htmlized: https://datatracker.ietf.org/doc/html/draft-lodderstedt-oauth-jwt-introspection-response [https://datatracker.ietf.org/doc/html/draft-lodderstedt-oauth-jwt-introspection-response] Abstract: This draft proposes an additional JSON Web Token (JWT) based response for OAuth 2.0 Token Introspection. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org [http://tools.ietf.org]. The IETF Secretariat
- [OAUTH-WG] Fwd: New Version Notification for draf… Torsten Lodderstedt
- Re: [OAUTH-WG] Fwd: New Version Notification for … Brock Allen
- Re: [OAUTH-WG] Fwd: New Version Notification for … LARMIGNAT Louis
- Re: [OAUTH-WG] Fwd: New Version Notification for … Phil Hunt
- Re: [OAUTH-WG] New Version Notification for draft… Torsten Lodderstedt
- Re: [OAUTH-WG] New Version Notification for draft… Torsten Lodderstedt
- Re: [OAUTH-WG] New Version Notification for draft… Phil Hunt
- Re: [OAUTH-WG] New Version Notification for draft… Samuel Erdtman
- Re: [OAUTH-WG] New Version Notification for draft… Brian Campbell
- Re: [OAUTH-WG] Fwd: New Version Notification for … Petteri Stenius
- Re: [OAUTH-WG] New Version Notification for draft… Neil Madden
- Re: [OAUTH-WG] New Version Notification for draft… Neil Madden
- Re: [OAUTH-WG] New Version Notification for draft… Torsten Lodderstedt
- Re: [OAUTH-WG] New Version Notification for draft… Torsten Lodderstedt
- Re: [OAUTH-WG] New Version Notification for draft… Neil Madden
- Re: [OAUTH-WG] New Version Notification for draft… Torsten Lodderstedt