IETF Logo Mail Archive

Re: [OAUTH-WG] Question regarding RFC 7592

Robache Hervé <herve.robache@stet.eu> Mon, 14 October 2019 09:10 UTC

Return-Path: <herve.robache@stet.eu>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8BEB2120025 for <oauth@ietfa.amsl.com>; Mon, 14 Oct 2019 02:10:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dic9vZk63DeL for <oauth@ietfa.amsl.com>; Mon, 14 Oct 2019 02:09:58 -0700 (PDT)
Received: from mx.stet.eu (mx.stet.eu [85.233.205.208]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4A4CB1200FF for <oauth@ietf.org>; Mon, 14 Oct 2019 02:09:57 -0700 (PDT)
Received: from mail.stet.eu ([10.17.2.22]) by mx.stet.eu with ESMTP id x9E99tdV030914-x9E99tdX030914 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=CAFAIL); Mon, 14 Oct 2019 11:09:55 +0200
Received: from STEMES002.steteu.corp (10.17.2.22) by STEMES002.steteu.corp (10.17.2.22) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 14 Oct 2019 11:09:54 +0200
Received: from STEMES002.steteu.corp ([::1]) by STEMES002.steteu.corp ([fe80::1c47:3ef0:f04e:a256%14]) with mapi id 15.00.1473.003; Mon, 14 Oct 2019 11:09:54 +0200
From: Robache Hervé <herve.robache@stet.eu>
To: Travis Spencer <travis.spencer@curity.io>
CC: "oauth@ietf.org" <oauth@ietf.org>, Mark Dobrinic <mark.dobrinic@curity.io>
Thread-Topic: [OAUTH-WG] Question regarding RFC 7592
Thread-Index: AdVuAgKteMknwUzTRQafucaFZ8aETAUbPCPg
Date: Mon, 14 Oct 2019 09:09:54 +0000
Message-ID: <7f5b0068bcc74a21a00b578adb7fdbc3@STEMES002.steteu.corp>
References: <CAEKOcs3Oqfp19LEGdKwwqzv_OTPOVZb5zLfZez5DLhfu9TfMjw@mail.gmail.com>
In-Reply-To: <CAEKOcs3Oqfp19LEGdKwwqzv_OTPOVZb5zLfZez5DLhfu9TfMjw@mail.gmail.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.17.2.170]
x-tm-as-product-ver: SMEX-12.5.0.1684-8.5.1010-24974.005
x-tm-as-result: No-29.711900-8.000000-10
x-tmase-matchedrid: mHCEnrG40p6eGXFpAoGIoe5i6weAmSDKqr0Np6cKdO5fQRiqw0gT4DcI a9gjeLdiWRv4gMq+CegHdptXFFME7wRytbWF0BphCgHQMFomsrRv+B0owAW3BpcDGDiTFmuGs03 PiUbxvvhR1tTDNqr8dVjZYFGVYSCavqDeDn7UX95DO9NSmfde1K6IBbSnfz+3CwWRLqiC/UqTvZ kBseIwt0mu4uFjBmMBf9krIFPI8jVu7xCoxCPC8oDcpVWyPxAMWw/S0HB7eoMwMfxyID/dnTRGW ZgDtiVIqFfaBbOImZGfQhSbnKRVoH9AG+WpDI5oIj0zFI5DoJLAtpDNMLs81qTsE8Z/jrr+6xul wEB2dGdaQN+9A7oQtKuCM8s//NPh6MXlf8pDjmVFM72aEhcbjZl/lu28zzkBPOKOd0uttLlj8Xz dqXhnXljObZLGdDchTwW1n+jptHH+TmbsPRhNL7zK9RGVgYIhGrSmht4ssAdW1jLbx3/rulVnDj aOMLuAu1M8Acf4eaQK22LlvS+nvvR3YoE94O3m8KGJCiV+3/L17lqbebntfaTEIOgFcjqDmvpO+ rpPHAI+ofczduaJpjrkB/ka/EmKb4fnpkHsS7ueAiCmPx4NwFkMvWAuahr8AQ2nhIcp8pyov4gz E3CFDp5xKu8owaw2278kU8dMGJfi2GwNWnOlsgKkgvnxqgcoftwZ3X11IV0=
x-tm-as-user-approved-sender: No
x-tm-as-user-blocked-sender: No
x-tmase-result: 10--29.711900-8.000000
x-tmase-version: SMEX-12.5.0.1684-8.5.1010-24974.005
x-tm-snts-smtp: D8A14BC549B788FE089E3BBCC50A6DF53BC1AE999DDC15FF6182C2265E057BFA2000:9
Content-Type: multipart/alternative; boundary="_000_7f5b0068bcc74a21a00b578adb7fdbc3STEMES002steteucorp_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/ygfpGR3t2CECSt7RExfF0xsDPHw>
Subject: Re: [OAUTH-WG] Question regarding RFC 7592
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Oct 2019 09:10:01 -0000

Dear all

Thanks for your answers. I understand that RFC7592/§3 should be taken into account for enhancing the Client Information Response of RFC7591.

Best regards

Hervé

De : Travis Spencer [mailto:travis.spencer@curity.io]
Envoyé : mercredi 18 septembre 2019 10:56
À : Robache Hervé
Cc : oauth@ietf.org; Mark Dobrinic
Objet : [OAUTH-WG] Question regarding RFC 7592

On Fri, Sep 13, 2019 at 3:18 PM Travis Spencer <travis.spencer@curity.io<mailto:travis.spencer@curity.io>> wrote:
Ya, this part is confusing. I didn't get it at first either.

Seems I'm still a bit confused ;-)

this metadata isn't defined in RFC 7591 but discussed in section 1.3; that spec leaves the metadata out of scope. It is, however, profiled in section 3.2 of OIDC DCR (see registration_access_token in section 3.2

Mark Dobrinic pointed out to me this morning that RFC 7591 (DCR) is updated by 7592 (DCRM) in section 3 to include the same registration_access_token response metadata that OIDC defines.


Ce message et toutes les pièces jointes sont établis à l'intention exclusive de ses destinataires et sont confidentiels.
Si vous recevez ce message par erreur ou s'il ne vous est pas destiné, merci de le détruire ainsi que toute copie de votre système et d'en avertir immédiatement l'expéditeur.
Toute lecture non autorisée, toute utilisation de ce message qui n'est pas conforme à sa destination, toute diffusion ou toute publication, totale ou partielle, est interdite.
L'Internet ne permettant pas d'assurer l'intégrité de ce message électronique susceptible d'altération, STET décline toute responsabilité au titre de ce message dans l'hypothèse où il aurait été modifié, déformé ou falsifié.
N'imprimez ce message que si nécessaire, pensez à l'environnement.

This message and any attachments is intended solely for the intended addressees and is confidential.
If you receive this message in error, or are not the intended recipient(s), please delete it and any copies from your systems and immediately notify the sender.
Any unauthorized view, use that does not comply with its purpose, dissemination or disclosure, either whole or partial, is prohibited.
Since the internet cannot guarantee the integrity of this message which may not be reliable, STET shall not be liable for the message if modified, changed or falsified.
Do not print this message unless it is necessary, please consider the environment.

v2.23.0 | Report a Bug | By Email