[OAUTH-WG] OAuth Authorization Server Metadata decoupled from OAuth Protected Resource Metadata
Mike Jones <Michael.Jones@microsoft.com> Fri, 20 January 2017 03:49 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D16D41297AA for <oauth@ietfa.amsl.com>; Thu, 19 Jan 2017 19:49:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.021
X-Spam-Level:
X-Spam-Status: No, score=-2.021 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EKav1phfbuNJ for <oauth@ietfa.amsl.com>; Thu, 19 Jan 2017 19:49:38 -0800 (PST)
Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-by2nam01on0138.outbound.protection.outlook.com [104.47.34.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6DAB71293F3 for <oauth@ietf.org>; Thu, 19 Jan 2017 19:49:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Dqj3WzMxAs40dZc1gJn7bitlrh41DSzdsLwjP93hFhE=; b=KyntSKWiKOwKhFlc8tH/PfW/kEqHoQ2OFKAF3MsFeEKvHH9QCw0+h0jhk7o+HgkM1MpxxE55b9BBPCUM192EDo+spR7yC7Ao4vToZRXFKP6z3d+VokuHxi8basE+ycHcZvoFTtCRC/r/vmclulCHYgWQyCP6lrs9dgqfomYVqtQ=
Received: from BN3PR03MB2355.namprd03.prod.outlook.com (10.166.74.150) by BN3PR03MB2356.namprd03.prod.outlook.com (10.166.74.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.860.13; Fri, 20 Jan 2017 03:49:37 +0000
Received: from BN3PR03MB2355.namprd03.prod.outlook.com ([10.166.74.150]) by BN3PR03MB2355.namprd03.prod.outlook.com ([10.166.74.150]) with mapi id 15.01.0860.012; Fri, 20 Jan 2017 03:49:36 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: OAuth Authorization Server Metadata decoupled from OAuth Protected Resource Metadata
Thread-Index: AdJyya2Gn4+3XYXBT9CpRAxeTBHohg==
Date: Fri, 20 Jan 2017 03:49:36 +0000
Message-ID: <BN3PR03MB235566CEFD5DB4C882F3B4A3F5710@BN3PR03MB2355.namprd03.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Michael.Jones@microsoft.com;
x-originating-ip: [50.47.95.25]
x-ms-office365-filtering-correlation-id: 8e1d73f9-3d2a-40e1-ed53-08d440e75ab4
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001);SRVR:BN3PR03MB2356;
x-microsoft-exchange-diagnostics: 1; BN3PR03MB2356; 7:aYwJ/cKvYBwu59c035ep3iuVriop2WJ4wfKpl+GKKfiRDUIGde2tPBX7jbMYRWohoIKTvIxpAlr0M4mzAOVHQOqd4d1Hl/ajkKrzJ1oTrv0n3hzPWuWewLdME7amUiTXWXjs4SMXakJNk5IOtpGnuW8m3TMOZsbkB0R4CSLyrC/Y2mMFwYmPBMVPDQdkJeiyMeNJl3HrhTSapwLqxr/Vh2gEg7jZy0z7QoBO/nmCvdHXp7xrzAZMCni6MHmazm5ygM2cUA4CTVYUhGoY+3goKqek3lg4re3zXf1SlY2ol6tsJSFPMcQAeVzqxwleM7H/uShozHWAxIPNkoe8wnvyOoZm/3wStW721Px9+/ciUpbrCe7BxGXXiNAn/IABgXz7EbL+bnUxHkXx3UHRolHTmjhgK53QnbAoi0+hhybY2Xp9j9y9EvYnCcX35lHgbVjomb53uXnKCKOT/lD/UXYhAvPJPX/TWa+M8HNlWPzcQ9I=
x-microsoft-antispam-prvs: <BN3PR03MB23566C804FECDCB1593F2EA0F5710@BN3PR03MB2356.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(31418570063057)(21748063052155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(6040375)(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001)(6055026)(61426038)(61427038)(6041248)(20161123560025)(20161123564025)(20161123558021)(20161123555025)(20161123562025)(6042181)(6047074)(6072148); SRVR:BN3PR03MB2356; BCL:0; PCL:0; RULEID:; SRVR:BN3PR03MB2356;
x-forefront-prvs: 01930B2BA8
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(7916002)(209900001)(199003)(189002)(50986999)(450100001)(7696004)(2501003)(5640700003)(25786008)(606005)(6436002)(2900100001)(122556002)(3660700001)(92566002)(6916009)(66066001)(2906002)(101416001)(54356999)(236005)(110136003)(5630700001)(10090500001)(107886002)(8676002)(8936002)(189998001)(10290500002)(81156014)(3846002)(86612001)(102836003)(6116002)(5660300001)(790700001)(97736004)(1730700003)(105586002)(5005710100001)(3280700002)(81166006)(6306002)(38730400001)(53936002)(55016002)(99286003)(9686003)(54896002)(6506006)(77096006)(106356001)(2351001)(7736002)(86362001)(7906003)(8990500004)(74316002)(33656002)(68736007)(6606295002); DIR:OUT; SFP:1102; SCL:1; SRVR:BN3PR03MB2356; H:BN3PR03MB2355.namprd03.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_BN3PR03MB235566CEFD5DB4C882F3B4A3F5710BN3PR03MB2355namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Jan 2017 03:49:36.7139 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN3PR03MB2356
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/mSN6odWseHWMxoUVI2lQN9Qe4zM>
Subject: [OAUTH-WG] OAuth Authorization Server Metadata decoupled from OAuth Protected Resource Metadata
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Jan 2017 03:49:41 -0000
The IETF OAuth working group decided at IETF 97 to proceed with standardizing the OAuth Authorization Server Metadata specification, which is already in widespread use, and to stop work on the OAuth Protected Resource Metadata specification, which is more speculative. Accordingly, a new version of the AS Metadata spec has been published that removes its dependencies upon the Resource Metadata spec. In particular, the "protected_resources" AS Metadata element has been removed. Its definition has been moved to the Resource Metadata spec for archival purposes. Note that the Resource Metadata specification authors intend to let it expire unless the working group decides to resume work on it at some point in the future. The specifications are available at: * https://tools.ietf.org/html/draft-ietf-oauth-discovery-05 * https://tools.ietf.org/html/draft-jones-oauth-resource-metadata-01 HTML-formatted versions are also available at: * http://self-issued.info/docs/draft-ietf-oauth-discovery-05.html * http://self-issued.info/docs/draft-jones-oauth-resource-metadata-01.html -- Mike P.S. This notice was also posted at http://self-issued.info/?p=1629 and as @selfissued<https://twitter.com/selfissued>.