[OAUTH-WG] FW: New Version Notification for draft-ietf-oauth-jwt-bcp-07.txt

Yaron Sheffer <yaronf.ietf@gmail.com> Sun, 13 October 2019 14:59 UTC

Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D56512004A for <oauth@ietfa.amsl.com>; Sun, 13 Oct 2019 07:59:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.002
X-Spam-Level:
X-Spam-Status: No, score=0.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, MALFORMED_FREEMAIL=0.001, MIME_QP_LONG_LINE=0.001, PDS_TONAME_EQ_TOLOCAL_HDRS_LCASE=1.999, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7NdV9mI8PXGs for <oauth@ietfa.amsl.com>; Sun, 13 Oct 2019 07:59:35 -0700 (PDT)
Received: from mail-wr1-x42e.google.com (mail-wr1-x42e.google.com [IPv6:2a00:1450:4864:20::42e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F0BEF12000F for <oauth@ietf.org>; Sun, 13 Oct 2019 07:59:34 -0700 (PDT)
Received: by mail-wr1-x42e.google.com with SMTP id o18so16736251wrv.13 for <oauth@ietf.org>; Sun, 13 Oct 2019 07:59:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=user-agent:date:subject:from:to:message-id:thread-topic:references :in-reply-to:mime-version:content-transfer-encoding; bh=4pGmkbh0+DeS1q40Dv32GRtVUqK0myJUxjoDkCaoYsE=; b=lFfjsXJXiBzQziBbCwM4R1fBhXO8vDhV3UXqYPdsAK2uEZTUy/7N3fQAeD/d1afyEC QqTeiYVdhAXJoxDU6JSu8u1T0O7tuycd6hxHis3fF4miEpzs1fHe5qFEuwDP3tVJSEql GUlAzlkCEsw/986K2yMjhhou2UqkIW6GNQuWZ85XTxCmawXsip6+tTeNjgd0pz/RowvO WAI6Gy1U3T0Z+jw94EE7/+tw1SFjMdocwbmCrOfbB7SLizMTbzDre9pvU8IUpJACgD+F KgTeNRQAK/35IQWJgqs8MOeTcBFoK8oZmNKvvT8sPLbNcEifeWL7KO6nQTJjMEuDPHHV tgzg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:date:subject:from:to:message-id :thread-topic:references:in-reply-to:mime-version :content-transfer-encoding; bh=4pGmkbh0+DeS1q40Dv32GRtVUqK0myJUxjoDkCaoYsE=; b=gIAhSSKYB9HlyVPmxyChfFIVbOb2yyAqMdNKvuk0h8h4ZWezMESD76Iz/hTRH9Z73m q85MOMoMEOL2orRAkj1dcLsDFBlcjA04one8Ua+a8Zpi/MWOrbN8m8FBPFfHFD0Sbe8h p1L6TKh62wYZXi5mGIWIKcGK7VFpiYktUz5nF2mYnx7uf+sucVOjmm7myXBFdOhLDssj 4wNSTD1vX18Z+hpaViF7vG60Z33dYptpL31NpePqTZP6DlRurJpZlykcz7RN0zZveda9 d9irRyIY0/B3DgDSulAD8pkln428fsS2nvhbF0s49wQlg+kE9ISSO+aOBsUygt4f64Zg JbQw==
X-Gm-Message-State: APjAAAXaUYIM7xldEkoRO6XEHWCNhfoL/GOU6g+SaVLlb3IzNjlnzjkY vu/7wK78ydm49o558h04HRuXCRja
X-Google-Smtp-Source: APXvYqwRpyWHoLjGgWFS4GVQ+xf1IiWXuBNx4xALlqCHB+WwPsY9HhWhe6eCxST+58SwQF3Q7O/xFQ==
X-Received: by 2002:a5d:67c5:: with SMTP id n5mr18117819wrw.72.1570978773195; Sun, 13 Oct 2019 07:59:33 -0700 (PDT)
Received: from [10.0.0.147] (bzq-79-182-74-87.red.bezeqint.net. [79.182.74.87]) by smtp.gmail.com with ESMTPSA id t13sm34925239wra.70.2019.10.13.07.59.32 for <oauth@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 13 Oct 2019 07:59:32 -0700 (PDT)
User-Agent: Microsoft-MacOutlook/10.1d.0.190908
Date: Sun, 13 Oct 2019 17:59:31 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
To: oauth <oauth@ietf.org>
Message-ID: <2969219C-1F0D-4AD5-9CE4-A15E91065284@gmail.com>
Thread-Topic: New Version Notification for draft-ietf-oauth-jwt-bcp-07.txt
References: <157097537922.20900.9964280625544036041.idtracker@ietfa.amsl.com>
In-Reply-To: <157097537922.20900.9964280625544036041.idtracker@ietfa.amsl.com>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/qenYkygYIDDFbHeWK4h2J_pylsg>
Subject: [OAUTH-WG] FW: New Version Notification for draft-ietf-oauth-jwt-bcp-07.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Oct 2019 14:59:37 -0000

This should address all IESG review comments, including Ben's Discuss. We will follow with detailed responses to the reviewers.

Thanks,
	Yaron

On 13/10/2019, 17:02, "internet-drafts@ietf.org" <internet-drafts@ietf.org> wrote:

    
    A new version of I-D, draft-ietf-oauth-jwt-bcp-07.txt
    has been successfully submitted by Yaron Sheffer and posted to the
    IETF repository.
    
    Name:		draft-ietf-oauth-jwt-bcp
    Revision:	07
    Title:		JSON Web Token Best Current Practices
    Document date:	2019-10-13
    Group:		oauth
    Pages:		16
    URL:            https://www.ietf.org/internet-drafts/draft-ietf-oauth-jwt-bcp-07.txt
    Status:         https://datatracker.ietf.org/doc/draft-ietf-oauth-jwt-bcp/
    Htmlized:       https://tools.ietf.org/html/draft-ietf-oauth-jwt-bcp-07
    Htmlized:       https://datatracker.ietf.org/doc/html/draft-ietf-oauth-jwt-bcp
    Diff:           https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-jwt-bcp-07
    
    Abstract:
       JSON Web Tokens, also known as JWTs, are URL-safe JSON-based security
       tokens that contain a set of claims that can be signed and/or
       encrypted.  JWTs are being widely used and deployed as a simple
       security token format in numerous protocols and applications, both in
       the area of digital identity, and in other application areas.  The
       goal of this Best Current Practices document is to provide actionable
       guidance leading to secure implementation and deployment of JWTs.
    
                                                                                      
    
    
    Please note that it may take a couple of minutes from the time of submission
    until the htmlized version and diff are available at tools.ietf.org.
    
    The IETF Secretariat