Re: [OAUTH-WG] Call for Adoption: Encoding claims in the OAuth 2 state parameter using a JWT

Mike Jones <Michael.Jones@microsoft.com> Thu, 04 February 2016 06:28 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F0C81A9116 for <oauth@ietfa.amsl.com>; Wed, 3 Feb 2016 22:28:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CuJo5AYZxkbr for <oauth@ietfa.amsl.com>; Wed, 3 Feb 2016 22:28:53 -0800 (PST)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2on0117.outbound.protection.outlook.com [207.46.100.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03EB01A911D for <oauth@ietf.org>; Wed, 3 Feb 2016 22:28:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=O7cYpc50uy1kgR358S17YsxMxJLHX87ITuwp2xJmD1Q=; b=oN4rsbEmSePFGJAxyccRQCKB+b2elyYRymLUh49GLu5hsz4Jw3MHZkBIXCjxH0yrKBCSDy7tq7lsiqWS7bF/NrhRoA0gsLLEJuCEQ/kEXSc8tqzC891dS1SM9xn6b0kbIRKOvr7wmraSHN+nTAOyEu6rZiCgslPIJJBtN2+U+EE=
Received: from BY2PR03MB442.namprd03.prod.outlook.com (10.141.141.145) by BY2PR03MB443.namprd03.prod.outlook.com (10.141.141.152) with Microsoft SMTP Server (TLS) id 15.1.396.15; Thu, 4 Feb 2016 06:28:51 +0000
Received: from BY2PR03MB442.namprd03.prod.outlook.com ([10.141.141.145]) by BY2PR03MB442.namprd03.prod.outlook.com ([10.141.141.145]) with mapi id 15.01.0396.020; Thu, 4 Feb 2016 06:28:51 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>, "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: [OAUTH-WG] Call for Adoption: Encoding claims in the OAuth 2 state parameter using a JWT
Thread-Index: AQHRUq+RxAJsD5aB1k2crRIxKJZ4YJ8bhRaA
Date: Thu, 4 Feb 2016 06:28:50 +0000
Message-ID: <BY2PR03MB4429A1B1DAE98C58949EC18F5D10@BY2PR03MB442.namprd03.prod.outlook.com>
References: <569E22EF.70304@gmx.net>
In-Reply-To: <569E22EF.70304@gmx.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: gmx.net; dkim=none (message not signed) header.d=none;gmx.net; dmarc=none action=none header.from=microsoft.com;
x-originating-ip: [50.47.85.157]
x-ms-office365-filtering-correlation-id: 626b9ecb-54a2-4b0b-9b14-08d32d2c7281
x-microsoft-exchange-diagnostics: 1; BY2PR03MB443; 5:/zhoLqZXLVVURFsAcKWFX14czGgoEpGVs698wbJ0OtPbBOrgm/g+Erle4zujIqPpL3iHnmfz13pOIxhGQnh+hbEp90XFc1DxzUpZ0h80/0HmKliRIzGVvcs5StCzlNMzSsL9Ud8dvG4dszeO4cr3vw==; 24:uli2S4QxlVBifuwUn6Od7gBlsDkNn3Ip5F3uneMMcuv81Xx+92Dn+4MMu6An9pcyIu/w1JZXJkMjSO/tJXd8tO3hSuhsHUkbz7eTyq4xa2Y=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BY2PR03MB443;
x-microsoft-antispam-prvs: <BY2PR03MB443C90ED0DFCE3EF50AF647F5D10@BY2PR03MB443.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(61426038)(61427038); SRVR:BY2PR03MB443; BCL:0; PCL:0; RULEID:; SRVR:BY2PR03MB443;
x-forefront-prvs: 084285FC5C
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(377454003)(13464003)(53754006)(10090500001)(19580395003)(5001770100001)(2501003)(5003600100002)(40100003)(66066001)(19580405001)(74316001)(99286002)(33656002)(5004730100002)(5002640100001)(76576001)(106116001)(86612001)(50986999)(586003)(92566002)(2900100001)(3660700001)(11100500001)(76176999)(77096005)(15975445007)(87936001)(5008740100001)(2906002)(1096002)(5005710100001)(107886002)(189998001)(1220700001)(10290500002)(3280700002)(2950100001)(3846002)(86362001)(122556002)(6116002)(102836003)(10400500002)(54356999)(5001960100002); DIR:OUT; SFP:1102; SCL:1; SRVR:BY2PR03MB443; H:BY2PR03MB442.namprd03.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Feb 2016 06:28:50.9154 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY2PR03MB443
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/w0UssKLobDgU3HdJEW2j-pOE38I>
Subject: Re: [OAUTH-WG] Call for Adoption: Encoding claims in the OAuth 2 state parameter using a JWT
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Feb 2016 06:28:54 -0000

I support adoption of this document by the working group as either an experimental or informational specification.

				-- Mike

-----Original Message-----
From: OAuth [mailto:oauth-bounces@ietf.org] On Behalf Of Hannes Tschofenig
Sent: Tuesday, January 19, 2016 3:50 AM
To: oauth@ietf.org
Subject: [OAUTH-WG] Call for Adoption: Encoding claims in the OAuth 2 state parameter using a JWT


Hi all,

this is the call for adoption of Encoding claims in the OAuth 2 state parameter using a JWT, see
https://tools.ietf.org/html/draft-bradley-oauth-jwt-encoded-state-05

Please let us know by Feb 2nd whether you accept / object to the adoption of this document as a starting point for work in the OAuth working group.

Ciao
Hannes & Derek