Re: [OAUTH-WG] December 27, 2012 OAuth Release
Dick Hardt <dick.hardt@gmail.com> Sat, 29 December 2012 04:10 UTC
Return-Path: <dick.hardt@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A85FB21F84BB for <oauth@ietfa.amsl.com>; Fri, 28 Dec 2012 20:10:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[AWL=-1.490, BAYES_00=-2.599, HTML_MESSAGE=0.001, MANGLED_PORN=2.3, RCVD_IN_DNSWL_LOW=-1, SARE_ADLTOBFU=0.68]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g200G2RbgdJr for <oauth@ietfa.amsl.com>; Fri, 28 Dec 2012 20:10:51 -0800 (PST)
Received: from mail-pb0-f43.google.com (mail-pb0-f43.google.com [209.85.160.43]) by ietfa.amsl.com (Postfix) with ESMTP id D4AA221F84B2 for <oauth@ietf.org>; Fri, 28 Dec 2012 20:10:51 -0800 (PST)
Received: by mail-pb0-f43.google.com with SMTP id um15so6224143pbc.16 for <oauth@ietf.org>; Fri, 28 Dec 2012 20:10:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:content-type:mime-version:subject:from:in-reply-to:date :cc:message-id:references:to:x-mailer; bh=BWc+sWJsy5JNgBMRYsdFwh7xWuhFW5sY6ff3c9uajQY=; b=cO2sGSYmwPHmVPrU+HRB0RbIA5oqLo9it3MN6u68DDMXd7EPDWoqsMBnGmgy5HFWoP d59v7QTYDKRhpWTOe87+TsOQ6T0knyyt95aXBEscqyfIOUShbMdkw07QXLP9zR7qolS+ +LXM/4qd+o5gUMelx0cH0/dH/Jl21XIwsYmgQ2yIHY7FzG1yk1zkGFwmbRz13z6Ibqd6 Vsr9UtLWx4bTcAJaSqSJHTWfNUWT2ggfRQT/guJJpn50zWtqNE6K7P0zGjAzvOyJGRGI 9iRn9XVnsIPa+pQyaUClo6mnInCNiBgSrptEHEoF72fxRyV0pXL253h9flLEvwOnlWRX a53Q==
X-Received: by 10.68.233.230 with SMTP id tz6mr109535946pbc.36.1356754251599; Fri, 28 Dec 2012 20:10:51 -0800 (PST)
Received: from [10.0.0.4] (c-24-5-69-173.hsd1.ca.comcast.net. [24.5.69.173]) by mx.google.com with ESMTPS id pm8sm20760310pbb.29.2012.12.28.20.10.46 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 28 Dec 2012 20:10:47 -0800 (PST)
Content-Type: multipart/alternative; boundary="Apple-Mail=_750AD96C-8F1B-4708-AC88-303AE61C78C6"
Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\))
From: Dick Hardt <dick.hardt@gmail.com>
In-Reply-To: <4E1F6AAD24975D4BA5B1680429673943669B0A1E@TK5EX14MBXC283.redmond.corp.microsoft.com>
Date: Fri, 28 Dec 2012 20:10:44 -0800
Message-Id: <61A65272-73E1-477A-B288-8C7E4B420659@gmail.com>
References: <4E1F6AAD24975D4BA5B1680429673943669B0A1E@TK5EX14MBXC283.redmond.corp.microsoft.com>
To: Mike Jones <Michael.Jones@microsoft.com>
X-Mailer: Apple Mail (2.1499)
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] December 27, 2012 OAuth Release
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Dec 2012 04:10:52 -0000
Looks like I was not the only one that was reading "p0rn" when I saw "prn" … ;-) On Dec 28, 2012, at 5:07 PM, Mike Jones <Michael.Jones@microsoft.com> wrote: > New versions of the OAuth JWT, JWT Bearer Profile, and Assertions specs have been released incorporating feedback since IETF 85 in Atlanta. The primary change is changing the name of the “prn” claim to “sub” (subject) both to more closely align with SAML name usage and to use a more intuitive name for this concept. (Also, see the related coordinated change to the OpenID Connect specifications.) The definition of the “aud” (audience) claim was also extended to allow JWTs to have multiple audiences (a feature also in SAML assertions). > > An explanation was added to the JWT spec about why should be signed and then encrypted. > > The audience definition in the Assertions specification was relaxed so that audience values can be OAuth “client_id” values. Informative references to the SAML Bearer Profile and JWT Bearer Profile specs were also added. > This release incorporates editorial improvements suggested by Jeff Hodges, Hannes Tschofenig, and Prateek Mishra in their reviews of the JWT specification. Many of these simplified the terminology usage. See the Document History section of each specification for more details about the changes made. > > This release is part of a coordinated release of JOSE, OAuth, and OpenID Connect specifications. You can read about the other releases here: JOSE Release Notes, OpenID Connect Release Notes. > > The new specification versions are: > · http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-06 > · http://tools.ietf.org/html/draft-ietf-oauth-jwt-bearer-04 > · http://tools.ietf.org/html/draft-ietf-oauth-assertions-09 > > HTML formatted versions are available at: > · http://self-issued.info/docs/draft-ietf-oauth-json-web-token-06.html > · http://self-issued.info/docs/draft-ietf-oauth-jwt-bearer-04.html > · http://self-issued.info/docs/draft-ietf-oauth-assertions-09.html > > -- Mike > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
- [OAUTH-WG] December 27, 2012 OAuth Release Mike Jones
- Re: [OAUTH-WG] December 27, 2012 OAuth Release William Mills
- Re: [OAUTH-WG] December 27, 2012 OAuth Release Dick Hardt
- Re: [OAUTH-WG] December 27, 2012 OAuth Release Mike Jones
- Re: [OAUTH-WG] December 27, 2012 OAuth Release William Mills
- Re: [OAUTH-WG] December 27, 2012 OAuth Release John Bradley
- Re: [OAUTH-WG] December 27, 2012 OAuth Release William Mills
- Re: [OAUTH-WG] December 27, 2012 OAuth Release John Bradley
- Re: [OAUTH-WG] December 27, 2012 OAuth Release William Mills