Re: [OAUTH-WG] [Errata Verified] RFC7800 (6187)

Pete Resnick <resnick@episteme.net> Sun, 31 May 2020 04:22 UTC

Return-Path: <resnick@episteme.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B3593A11C4; Sat, 30 May 2020 21:22:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pwQ_v8jsetrP; Sat, 30 May 2020 21:22:35 -0700 (PDT)
Received: from episteme.net (episteme.net [216.169.5.102]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 70FD63A11C1; Sat, 30 May 2020 21:22:35 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by episteme.net (Postfix) with ESMTP id E0B98AEDB7A8; Sat, 30 May 2020 23:22:34 -0500 (CDT)
Received: from episteme.net ([127.0.0.1]) by localhost (episteme.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qKda3xXrQOrE; Sat, 30 May 2020 23:22:34 -0500 (CDT)
Received: from [172.16.1.10] (episteme.net [216.169.5.102]) by episteme.net (Postfix) with ESMTPSA id 1687DAEDB79C; Sat, 30 May 2020 23:22:34 -0500 (CDT)
From: "Pete Resnick" <resnick@episteme.net>
To: "Benjamin Kaduk" <kaduk@mit.edu>
Cc: "RFC Errata System" <rfc-editor@rfc-editor.org>, mbj@microsoft.com, ve7jtb@ve7jtb.com, Hannes.Tschofenig@gmx.net, iesg@ietf.org, oauth@ietf.org
Date: Sat, 30 May 2020 23:22:33 -0500
X-Mailer: MailMate (1.13.1r5683)
Message-ID: <DFA83403-04F8-4801-8519-1E2BD2BD7AC7@episteme.net>
In-Reply-To: <20200531040924.GM58497@kduck.mit.edu>
References: <20200531013404.4528BF40721@rfc-editor.org> <AA62FB03-89F3-4931-AB7C-0BE281970A2E@episteme.net> <20200531040924.GM58497@kduck.mit.edu>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="=_MailMate_848226B9-41D5-44FD-A87E-9956495223BA_="
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/x-AfTF5ggOCyqkCKUH2_AfQHUq8>
Subject: Re: [OAUTH-WG] [Errata Verified] RFC7800 (6187)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 31 May 2020 04:22:38 -0000

But 
https://www.ietf.org/about/groups/iesg/statements/processing-rfc-errata/, 
in particular:

1. Only errors that could cause implementation or deployment problems or 
significant confusion should be Verified.
2. Things that are clearly wrong but could not cause an implementation 
or deployment problem should be Hold for Document Update.
5. Typographical errors which would not cause any confusions to 
implementation or deployments should be Hold for Document Update.

Did something change these criteria?

pr

On 30 May 2020, at 23:09, Benjamin Kaduk wrote:

> The new text is clearly the right thing, and there is no need
> to debate it if/when the document gets updated.  "Don't hold
> it; do it now", so to speak -- and noting that (my
> understanding/recollection of) the plan for
> https://www.rfc-editor.org/rfc/inline-errata/rfc7800.html is that only
> verified errata, not those in other states, will be displayed.
>
> (Yes, that link 404s at the moment, I assume a caching issue.)
>
> -Ben
>
> On Sat, May 30, 2020 at 10:55:01PM -0500, Pete Resnick wrote:
>> "Verified", not "Hold For Document Update"?
>>
>> pr
>>
>> On 30 May 2020, at 20:34, RFC Errata System wrote:
>>
>>> The following errata report has been verified for RFC7800,
>>> "Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs)".
>>>
>>> --------------------------------------
>>> You may review the report below and at:
>>> https://www.rfc-editor.org/errata/eid6187
>>>
>>> --------------------------------------
>>> Status: Verified
>>> Type: Editorial
>>>
>>> Reported by: Pete Resnick <resnick@episteme.net>
>>> Date Reported: 2020-05-26
>>> Verified by: Benjamin Kaduk (IESG)
>>>
>>> Section: 7.1
>>>
>>> Original Text
>>> -------------
>>>    [JWK]      Jones, M., "JSON Web Key (JWK)", RFC 7517,
>>>               DOI 10.17487/RFC7157, May 2015,
>>>               <http://www.rfc-editor.org/info/rfc7517>.
>>>
>>>
>>> Corrected Text
>>> --------------
>>>    [JWK]      Jones, M., "JSON Web Key (JWK)", RFC 7517,
>>>               DOI 10.17487/RFC7517, May 2015,
>>>               <http://www.rfc-editor.org/info/rfc7517>.
>>>
>>>
>>> Notes
>>> -----
>>> DOI has a typo: 7157 instead of 7517.
>>>
>>> --------------------------------------
>>> RFC7800 (draft-ietf-oauth-proof-of-possession-11)
>>> --------------------------------------
>>> Title               : Proof-of-Possession Key Semantics for JSON Web
>>> Tokens (JWTs)
>>> Publication Date    : April 2016
>>> Author(s)           : M. Jones, J. Bradley, H. Tschofenig
>>> Category            : PROPOSED STANDARD
>>> Source              : Web Authorization Protocol
>>> Area                : Security
>>> Stream              : IETF
>>> Verifying Party     : IESG
>>
>>
>> -- 
>> Pete Resnick https://www.episteme.net/
>> All connections to the world are tenuous at best


-- 
Pete Resnick https://www.episteme.net/
All connections to the world are tenuous at best