Re: [OAUTH-WG] expires_in

Ludwig Seitz <ludwig.seitz@ri.se> Tue, 18 December 2018 12:18 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/nYpgbwv797W5lUkQMN3WvbWGFHY>

On 18/12/2018 12:59, David Waite wrote:
> My understanding was that this parameter was advisory to the client -
> it neither mandated the client discard the token after the expires_in
> time, nor has a requirement that the token is no longer honored by
> protected resources at that point in time (vs earlier or later).

That is my understanding as well; I would, however, have expected that
this parameter would be aligned with the 'exp' claim of the token.

/Ludwig


-- 
Ludwig Seitz, PhD
Security Lab, RISE
Phone +46(0)70-349 92 51
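
An added example, not part of the original message: a diagnostic check that compares the `expires_in` value of a token response with the `exp` claim of a JWT-formatted access token, and handles opaque tokens and a missing `expires_in`. The function names, the 5-second tolerance, and the sample tokens are assumptions constructed for illustration; the token signature is not verified here.

```python
import base64
import json


def jwt_claims(token):
    """Return the claims of a JWT-shaped token, or None if it is opaque.
    The signature is NOT verified: this is a diagnostic, not validation."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    try:
        padded = parts[1] + "=" * (-len(parts[1]) % 4)
        claims = json.loads(base64.urlsafe_b64decode(padded))
    except ValueError:  # bad base64, bad UTF-8, or bad JSON
        return None
    return claims if isinstance(claims, dict) else None


def expiry_drift(token_response, received_at, tolerance=5):
    """Compare received_at + expires_in with the token's 'exp' claim.
    Returns (status, drift_seconds); drift > 0 means 'exp' is the later one."""
    expires_in = token_response.get("expires_in")
    if expires_in is None:  # the parameter is optional in a token response
        return ("no-expires_in", None)
    claims = jwt_claims(token_response.get("access_token", ""))
    if claims is None or "exp" not in claims:
        return ("no-exp", None)  # opaque token, or a JWT without 'exp'
    drift = int(claims["exp"]) - (received_at + int(expires_in))
    status = "aligned" if abs(drift) <= tolerance else "misaligned"
    return (status, drift)


def make_sample_token(claims):
    """Constructed JWT-shaped token with a placeholder signature (demo only)."""
    def b64(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([b64({"alg": "ES256"}), b64(claims), "sig"])


NOW = 1545135475  # constructed receipt time, Unix seconds
SAMPLES = {  # constructed token responses
    "aligned": {"access_token": make_sample_token({"exp": NOW + 3600}), "expires_in": 3600},
    "misaligned": {"access_token": make_sample_token({"exp": NOW + 6600}), "expires_in": 3600},
    "opaque": {"access_token": "opaque-token-value", "expires_in": 3600},
}

if __name__ == "__main__":
    for name, response in SAMPLES.items():
        print(name, expiry_drift(response, NOW))
```
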