Re: [OAUTH-WG] [Errata Verified] RFC7800 (6187)

Barry Leiba <barryleiba@computer.org> Mon, 01 June 2020 13:16 UTC

Return-Path: <barryleiba@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 261863A10BD; Mon, 1 Jun 2020 06:16:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.401
X-Spam-Level:
X-Spam-Status: No, score=-1.401 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KPOgq5xHf9Aa; Mon, 1 Jun 2020 06:16:29 -0700 (PDT)
Received: from mail-io1-f54.google.com (mail-io1-f54.google.com [209.85.166.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 097463A1074; Mon, 1 Jun 2020 06:16:27 -0700 (PDT)
Received: by mail-io1-f54.google.com with SMTP id q8so6811821iow.7; Mon, 01 Jun 2020 06:16:26 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=xhW2vOBis1SSm4HFGJPSTd4/vKCSE4+dhrA7DW5AOZA=; b=SuthbdXdUDFLJgUunOh+t4kIHsOt1hR3a5HoUV2LXcir7sowkwNrckBi4v55nvn+QO gyeKXq4OUZWlnypsxCbT6iAgakroloJzJCuR0S1EzlGERweAZa4AOPfoGX+M8YFn8x8S Aa2+O0Qcu/hT9dTRThkcJNJRr01bSWJmg7ZWqxUHfMU9w/MoSkED4ZzHPjx8KJd+CM+p OfWMKsMMsTxJq6pxr1DOd7x52U3KoPrjrirOckVxQJ3ZPce2IFYoCI1cRd6su23M+QhZ y2wcsr6XIW6YdQyW2K1amTqSxidmGoFw/6AKUs9nK0sYTDO3HT4aiX8Y/iRehGgKvs/i Vz+A==
X-Gm-Message-State: AOAM532EQAd0FlL+zlg7h3xbasmfT/51nGY6t7KI0bkELa7hrTUAkXCK ta1gy7l6wATU0I4alza68Crd0gEyRoKKtlY4TRw=
X-Google-Smtp-Source: ABdhPJxKk2GRvIRAo6zHjDlP5OZpfsclxZQ/e1JarMeYyhYIfaS7oOcZDA7dnRI7/dJLoTWuTqbLL1QOVJyZ8QyXuqI=
X-Received: by 2002:a6b:8b12:: with SMTP id n18mr18737545iod.160.1591017385892; Mon, 01 Jun 2020 06:16:25 -0700 (PDT)
MIME-Version: 1.0
References: <20200531013404.4528BF40721@rfc-editor.org> <AA62FB03-89F3-4931-AB7C-0BE281970A2E@episteme.net> <20200531040924.GM58497@kduck.mit.edu> <MN2PR11MB436654658A3926B05A9CC79BB58A0@MN2PR11MB4366.namprd11.prod.outlook.com>
In-Reply-To: <MN2PR11MB436654658A3926B05A9CC79BB58A0@MN2PR11MB4366.namprd11.prod.outlook.com>
From: Barry Leiba <barryleiba@computer.org>
Date: Mon, 01 Jun 2020 09:16:14 -0400
Message-ID: <CALaySJ+D0wfaj2=KbP-z8rka=HzdHRn5EV-8jbT2_g_tFy7L6A@mail.gmail.com>
To: "Rob Wilton (rwilton)" <rwilton=40cisco.com@dmarc.ietf.org>
Cc: Benjamin Kaduk <kaduk@mit.edu>, Pete Resnick <resnick@episteme.net>, "mbj@microsoft.com" <mbj@microsoft.com>, "iesg@ietf.org" <iesg@ietf.org>, "ve7jtb@ve7jtb.com" <ve7jtb@ve7jtb.com>, "Hannes.Tschofenig@gmx.net" <Hannes.Tschofenig@gmx.net>, "oauth@ietf.org" <oauth@ietf.org>, RFC Errata System <rfc-editor@rfc-editor.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/yLnrjBQUrMFqaZWp1LL9JkENMTo>
Subject: Re: [OAUTH-WG] [Errata Verified] RFC7800 (6187)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Jun 2020 13:16:32 -0000

That's what the "technical" vs "editorial" distinction is supposed to be for.

Barry

On Mon, Jun 1, 2020 at 8:27 AM Rob Wilton (rwilton)
<rwilton=40cisco.com@dmarc.ietf.org> wrote:
>
>
>
> > -----Original Message-----
> > From: iesg <iesg-bounces@ietf.org> On Behalf Of Benjamin Kaduk
> > Sent: 31 May 2020 05:09
> > To: Pete Resnick <resnick@episteme.net>
> > Cc: mbj@microsoft.com; iesg@ietf.org; ve7jtb@ve7jtb.com;
> > Hannes.Tschofenig@gmx.net; oauth@ietf.org; RFC Errata System <rfc-
> > editor@rfc-editor.org>
> > Subject: Re: [Errata Verified] RFC7800 (6187)
> >
> > The new text is clearly the right thing, and there is no need
> > to debate it if/when the document gets updated.  "Don't hold
> > it; do it now", so to speak -- and noting that (my
> > understanding/recollection of) the plan for
> > https://www.rfc-editor.org/rfc/inline-errata/rfc7800.html is that only
> > verified errata, not those in other states, will be displayed.
> [RW]
>
> If this ends up being the plan, then I think that we may wish to modify the RFC guidance, or possibly have two different verified states:
>  (i) Verified, could impact implementations
>  (ii) Verified, editorial only.
>
> Certainly, it seems to be makes sense for these sorts of errata to be displayed.
>
> Regards,
> Rob
>
>
> >
> > (Yes, that link 404s at the moment, I assume a caching issue.)
> >
> > -Ben
> >
> > On Sat, May 30, 2020 at 10:55:01PM -0500, Pete Resnick wrote:
> > > "Verified", not "Hold For Document Update"?
> > >
> > > pr
> > >
> > > On 30 May 2020, at 20:34, RFC Errata System wrote:
> > >
> > > > The following errata report has been verified for RFC7800,
> > > > "Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs)".
> > > >
> > > > --------------------------------------
> > > > You may review the report below and at:
> > > > https://www.rfc-editor.org/errata/eid6187
> > > >
> > > > --------------------------------------
> > > > Status: Verified
> > > > Type: Editorial
> > > >
> > > > Reported by: Pete Resnick <resnick@episteme.net>
> > > > Date Reported: 2020-05-26
> > > > Verified by: Benjamin Kaduk (IESG)
> > > >
> > > > Section: 7.1
> > > >
> > > > Original Text
> > > > -------------
> > > >    [JWK]      Jones, M., "JSON Web Key (JWK)", RFC 7517,
> > > >               DOI 10.17487/RFC7157, May 2015,
> > > >               <http://www.rfc-editor.org/info/rfc7517>.
> > > >
> > > >
> > > > Corrected Text
> > > > --------------
> > > >    [JWK]      Jones, M., "JSON Web Key (JWK)", RFC 7517,
> > > >               DOI 10.17487/RFC7517, May 2015,
> > > >               <http://www.rfc-editor.org/info/rfc7517>.
> > > >
> > > >
> > > > Notes
> > > > -----
> > > > DOI has a typo: 7157 instead of 7517.
> > > >
> > > > --------------------------------------
> > > > RFC7800 (draft-ietf-oauth-proof-of-possession-11)
> > > > --------------------------------------
> > > > Title               : Proof-of-Possession Key Semantics for JSON Web
> > > > Tokens (JWTs)
> > > > Publication Date    : April 2016
> > > > Author(s)           : M. Jones, J. Bradley, H. Tschofenig
> > > > Category            : PROPOSED STANDARD
> > > > Source              : Web Authorization Protocol
> > > > Area                : Security
> > > > Stream              : IETF
> > > > Verifying Party     : IESG
> > >
> > >
> > > --
> > > Pete Resnick https://www.episteme.net/
> > > All connections to the world are tenuous at best
>