[Wimse] Re: Token Exchange and Translation Protocol
"Flemming Andreasen (fandreas)" <fandreas@cisco.com> Wed, 31 July 2024 01:16 UTC
Return-Path: <fandreas@cisco.com>
X-Original-To: wimse@ietfa.amsl.com
Delivered-To: wimse@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C1ACC151549 for <wimse@ietfa.amsl.com>; Tue, 30 Jul 2024 18:16:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.743
X-Spam-Level:
X-Spam-Status: No, score=-9.743 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.148, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_HELO_PERMERROR=0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b="JubVs+q0"; dkim=pass (1024-bit key) header.d=cisco.com header.b="DscU2PIy"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 50mPAYdm4cWF for <wimse@ietfa.amsl.com>; Tue, 30 Jul 2024 18:16:29 -0700 (PDT)
Received: from alln-iport-7.cisco.com (alln-iport-7.cisco.com [173.37.142.94]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0872FC14F6E1 for <wimse@ietf.org>; Tue, 30 Jul 2024 18:16:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.com; i=@cisco.com; l=8709; q=dns/txt; s=iport; t=1722388589; x=1723598189; h=from:to:subject:date:message-id:references:in-reply-to: mime-version; bh=/2mOZeU/fzZf6LJCTyLi8BAK7ctYyLLsK1IjJhkSQwU=; b=JubVs+q0tfcFRBKJWAEt7kzWyAOVsGhWZusv55XU2pzfKYZ4hZ+B1D6B 5NN+Q4+x5HLrZK0RUTT6F+LBMJRE1gIM04HjOoLNOYHtlbufOtu152otW 88XQ4ITbjMUvhjb5g3XG5EiNB7gWGCbTi/8T0u1093TysV5Mjsv5pI13h 8=;
X-CSE-ConnectionGUID: ZRs6d4QsR/OqiZX7t7qJjg==
X-CSE-MsgGUID: +gw3+3bvSG6S8QH11AKc3A==
X-IPAS-Result: A0BRAQAlj6lmmI0NJK1aDhABAQsSDGWBHwuBQTFSegKBHEiEVYNMA4Uthk+CIpc/hlWBJQNWDwEBAQ0BATsJBAEBhQYCFoksAiY2Bw4BAgICAQEBAQMCAwEBAQEBAQEBAQUBAQUBAQECAQcFFAEBAQEBAQEBNwVJhXUNhl4CAQMSCwYdAQEyBg8CAQgONAICAi8lAgQBFAEBHoJeAYIcSAMBEJ8pAYFAAoooeoEygQGCDAEBBoFYQU3bGgMGgUiIPQEogTICAoh3JxuBSUSBPAuCQAcxPoJhAgOFOIJpih9BgUyCJoMyBgQDAgUPgyuBY4JfDECBFFxWfCZUSwICAgcCgQ+EZIdJUnUiAyYzIQIRAVUTFwsJBYlMCoJ9BSGBciaBCxeCdzh9FYEIAoJagWsMYYdyYoEPgT6BXwFJgReBX0skg0OBf4EKgTsdQAIBC209NQYDCxsGoyMEDiMBg3xqAQNTWHgUHgJzkx2DLos4o10KhBWMFJUqBg8EL4QFjQCYVWSYcCKNWZVLBIUhAgQCBAUCDwEBBoFuATKBSAwHcBU7gmdSGQ+OIRmDYYUUiiC8X3g7AgcBCgEBAwmKawEB
IronPort-PHdr: A9a23:ltFgwRIUeExybFFIbdmcuVQyDhhOgF28FgcR7pxijKpBbeH4uZ/jJ 0fYo/5qiQyBUYba7qdcgvHN++D7WGMG6Iqcqn1KbpFWVhEEhMlX1wwtCcKIEwv6edbhbjcxG 4JJU1oNwg==
IronPort-Data: A9a23:Tc/DuqK9xKQMMjzbFE+R25UlxSXFcZb7ZxGr2PjKsXjdYENS1TEGn DQfWGrSMvaLZmP0f9Elaoi/90oDvsLWx9IwSAsd+CA2RRqmiyZq6fd1j6vUF3nPRiEWZBs/t 63yUvGZcYZpCCaa/krwWlTYhSEU/bmSQbbhA/LzNCl0RAt1IA8skhsLd9QR2uaEuvDnRVvc0 T/Oi5eHYgP9hGUtajt8B5+r8XuDgtyj4Fv0gXRmDRx7lAe2v2UYCpsZOZawIxPQKqFIHvS3T vr017qw+GXU5X8FUrtJRZ6iLyXm6paLVeS/oiI+t5qK23CulQRuukoPD8fwXG8M49m/c3+d/ /0W3XC4YV9B0qQhA43xWTEAe811FfUuFLMqvRFTvOTLp3AqfUcAzN1cNlpoMdEh4dwwJnhPx 8xHNG8UTBKM0rfeLLKTEoGAh+wqKM3teYgYoHwlnXfSDO0tRtbIRKCiCd1whWhrwJsQW6+FI ZNFMFKDbzyYC/FLElkeDp4kke6zrnL+aDZf7lmSoMLb5kCIllAojei3boe9ltqiBspKxQXDr Hz90DrCUig6bYW26jHe2yf57gPItXimAN1JTuLQGuRRqEKSw3ceIBwbSVX9puO24nNSQPpWL 0gSvyEpt6V3pAqgT8L2WFuzp3vsUgMgt8R4Idchtg3R87HupCGAB1o0ESIecf4ku5pjLdA17 WOhk9TsDD1plbSaT3OB67uZxQ9e3wBLcAfuggdaEWM4D8nfnW0lsv7Yoj9e/EOdh9nxH3T7x CqH6Xh4jLQIhslN3KK+lbwmv95OjsaWJuLWzlyLNo5A0u+fTNX8D2BPwQOGhcus1K7DEjG8U IEswqByFtwmA5CXjzCqS+4QBryv7PvtGGSD2wQ1T8VxrGnwpiHLkWVsDNdWeRgB3iEsJG+BX aMvkVkKjHOuFCLwNPYsMtjZ5zoCkfi6To6Nug/ogipmOcUpK1Tdo0mClGab3nvmlwA3gLojN JKAOceqBjByNEiU5GTeegvp6pdynnpW7TqKHfjTlk33uZLAPyT9YelebzOzghURsfnsTPP9q YgPbqNnCnx3DYXDX8Ug2dVMfQ5XdiVjWM6eRg4+XrfrHzeK0VoJUpf56bggYIdi2a9Sk4/1E ruVAye0FHKXaaX7FDi3
IronPort-HdrOrdr: A9a23:ikhn8auPv4tm5vCTNHTCCKTk7skCOYAji2hC6mlwRA09TyXGrb HMoB1L73/JYWgqOU3IwerwRpVoIUmxyXcH2/hhAV7CZniohILMFvAB0WKM+UybJ8STzJ876U 4kSdkANDSSNyk1sS+Z2njELz9I+rDum87Y4Ja7854ud3AXV0gK1XYBNu/vKDwMeOAwP+tAKH Pz3LsgmxOQPV4sQoCQAH4DU+Lfp9vNuq7HTHc9bSIP2U2ltx/tzKT1PSS5834lPg+nx41MzU H11yjCoomzufCyzRHRk0XJ6Y5NpdfnwtxfQOSRl8k8MFzX+0aVTbUkf4fHkCE+oemp5lpvus LLuQ0cM8N67G6UVn2poCHqxxLr3F8VmjzfIB6j8DneSP7CNXYH4vl69MVkm9zimgwdVeRHoe d2NqSixsNq5F377XzADpPzJmFXfwKP0AkfeKgo/j1iuU90Us4KkWTZl3klS6vpVkjBmfIaOf grA8fG6PlMd1SGK3jfo2l02dSpGm8+BxGcXyE5y4aoOhVt7ThEJnEjtYcit2ZF8Ih4R4hP5u zCPKgtnLZSTtUOZaY4AOsaW8O4BmHEXBqJaQupUBjaPbBCP2iIp4/84b0z6u3vcJsUzIEqkJ CEVF9Dr2Y9d0/nFMXL1pxW9RLGRnm7QF3Wu4xjzok8vqe5SKvgMCWFRlxrm8y8o+8HCsmeQP q3MII+OY6rEYIvI/c+4+TTYegkFZBFarxhhj8SYSP7nv72
X-Talos-CUID: 9a23:2vQbPG+rSm0LKVNyoMGVv3wuAZ4pLkTG9jD3Ok6KOTl1F6S3S1DFrQ==
X-Talos-MUID: 9a23:LOxq2g7fXIl+bKVFYC3imTVexowr7Lv1SxsHj64p5fLUDAwpYh6+h2+eF9o=
X-IronPort-Anti-Spam-Filtered: true
Received: from alln-core-8.cisco.com ([173.36.13.141]) by alln-iport-7.cisco.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jul 2024 01:16:28 +0000
Received: from alln-opgw-3.cisco.com (alln-opgw-3.cisco.com [173.37.147.251]) by alln-core-8.cisco.com (8.15.2/8.15.2) with ESMTPS id 46V1GRvd025864 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for <wimse@ietf.org>; Wed, 31 Jul 2024 01:16:28 GMT
X-CSE-ConnectionGUID: Q/l23ERUSEGmuCl1Fpl6qw==
X-CSE-MsgGUID: YwLQcJjMRmyAwh32EAdhIA==
Authentication-Results: alln-opgw-3.cisco.com; dkim=pass (signature verified) header.i=@cisco.com
X-IronPort-AV: E=Sophos;i="6.09,250,1716249600"; d="scan'208,217";a="13788607"
Received: from mail-bn8nam11lp2174.outbound.protection.outlook.com (HELO NAM11-BN8-obe.outbound.protection.outlook.com) ([104.47.58.174]) by alln-opgw-3.cisco.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Jul 2024 01:16:27 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=WIdkq1gO1/8CDQXusCptVm2kVHoAfRoYD5R0ymJMdG+ePiIuBuJO0iqj9eBQhLWdY04+zA7LaLmsC30NeK/0RsWXVYuwuB/23n4leII0QeQgLJvjx3ZR3RMAMbCHzu0RFNxzoGk7aJN/w6LLLb8ZEuVURygEULBXIxTm1A9V130Bh/Mlt3knoprHJJQByTkcW72B3KfAiF45F1oGnx/sfBDi+QMaKbZYEz+p0ItAMEDbVUTW/Fkh3AlwRIEdiJo+rhJK/as+GDbrSyEpPqh0eux0iRktrksn6ZMscBVkSwgjlubB2M9GSwat04zCEX1yo7ijPY1or/gOT1lfHK7OBg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/2mOZeU/fzZf6LJCTyLi8BAK7ctYyLLsK1IjJhkSQwU=; b=CekjPoXiVb+u/o6IifLdxeA4OQaEefCOmpo0+9ItS2AEx8rShHCGKOIxuVUuLLLEHj17LXUi88AAfvZdmcFZf59oj63iTJoIopL1MeOQPs8fpqXOX/30myX/Ya44LlLqv9rTWdkZGamKo0MTenAo1zF9oftmQIYM3XyhenLTibeDHLm/lUuqx24189y8IcjuVuW6HsyzELag3tSBsUD/Y87mKydJN1Q59cOoKZ/Ai19srempgFWC/jlDnV9gQxVDnFoUGkjFlKs8lOxushpEOvEsLVMI+tbzZTZKIf9ZeY5YR0ZLoro8YkXJDF3GbDu1kx3Es0gEwHW5p+DHdUUBow==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/2mOZeU/fzZf6LJCTyLi8BAK7ctYyLLsK1IjJhkSQwU=; b=DscU2PIy5b55WphbhTTtPAWb6gXfxx+RBR0e0drzLEMyeMr7EkXc6mTjxL9BVfcNh4I0gFJstpBzqr1oH+cWWKxrCO1YpoBDJOqDPhLb9/NT6xKRd/cs1NdI7TeYBI0Lqbo6cIdMgnajVwujsMImvmPO/Os6Rc8ocXQC3JVoOgk=
Received: from MN2PR11MB4760.namprd11.prod.outlook.com (2603:10b6:208:266::22) by SJ2PR11MB7617.namprd11.prod.outlook.com (2603:10b6:a03:4cb::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7807.28; Wed, 31 Jul 2024 01:16:24 +0000
Received: from MN2PR11MB4760.namprd11.prod.outlook.com ([fe80::c0c3:62b9:7fc2:b66a]) by MN2PR11MB4760.namprd11.prod.outlook.com ([fe80::c0c3:62b9:7fc2:b66a%4]) with mapi id 15.20.7807.026; Wed, 31 Jul 2024 01:16:23 +0000
From: "Flemming Andreasen (fandreas)" <fandreas@cisco.com>
To: Justin Richer <jricher@mit.edu>, "wimse@ietf.org" <wimse@ietf.org>
Thread-Topic: [Wimse] Token Exchange and Translation Protocol
Thread-Index: AQHa4bJy5gSKJxpI60260PdQP5zR0LIQCx6A
Date: Wed, 31 Jul 2024 01:16:23 +0000
Message-ID: <a48794ca-6c54-4643-990b-88a06bd08c9b@cisco.com>
References: <17054C45-D280-4F6D-92FA-69780E697C69@mit.edu>
In-Reply-To: <17054C45-D280-4F6D-92FA-69780E697C69@mit.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Mozilla Thunderbird
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: MN2PR11MB4760:EE_|SJ2PR11MB7617:EE_
x-ms-office365-filtering-correlation-id: 36ca4972-ca30-43d2-d313-08dcb0fe64d6
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|376014|1800799024|366016|38070700018;
x-microsoft-antispam-message-info: x9VrTbdmbGl41enjDUAQic1fKhdmQElFMJ8LuxT72iwlf8tkPdPDkCllkGz0UGnqE0cxL+g5v8t+XzyoXaD7hmUSdxASqVpFDP1YrV6wWpH/vrvYASmsg7VE0SPR1Ium5aTDGp1FmI2dJiNgzhzNR4UeACksVuDgPMzcx49OBkf1B42D8SXGrwqAx58/jj5RKmETkrRGb2c+CzM4Fqu+V6xyHi4hjQ933PemvUB3toRjWlKTA2nyAqPGZ2lzWZx+UPeSxvfuPz9sJCXa1l6WBPLoxZEI9ytupjW4xcBNZsrp1WGcEX/W65NlB8YQn9aL3WA5R69Cym25kcDsMzmX6CHOJ29QVBbi0sMYLppb58wINyqoHwndMX9qnz2MISEOUBmY2vKjvi7TcuqqLrol6wx4B/8NIzzlIHUjq062L+LvScSNLjAJ9RlPkIr8X/xNG2usMBT/1zlDpCJ1iB7HE/e9WgbuDG77jyOgtKdx52fykrA697XIrkQ67BSnrqbdIbUK8Y50IzVfGTJ3KCr39IoRm68F8jr3pPiSqOUFLwi+Wt95FLHNa+ac6kzG7EWnS4GnVEDaY3h015RlczyMLbxywEPlttx0l4TgJY3uobGmcmL5N5L0d61uzoikLJYFjwdxzoX+Bjiw7HSzBDBun7oJScjaXlGrFDV5eL7D0QWXwphXfROdbeJkDlciSStIQLqo2ZxmoOYaphMXFRlUXobsrPrirDMr5L+jDqpDkwR8MPvitWwU/vHaEN90NgJpjrfv+tfy0Z5WwJwDWLriorQeY/bEkHKNogARW7Vp4taIQB/s3CYcs3CMXmMpt8033IQc9g7DaPS/sNI/1ZqED6/4zRhxsykjKAoTsgxfHfLEM+tVkCKGUgc9QM1WDfsTzw47Q4d7auiYLvKRLf99MQeM4aRY3zYc9mEwteQZSzMhSncopaqZtP3+VyXO9z+IusGD9mNoy8SsgxbOxJFiZoR4cGolGoWA20J1VbJeAhFPk/Rogbs/VnsvMW8XQhF3yTBqeUSOX/HOhF4k47VM0CXQFapua9GoRBohRbNwaeZxX/BSukoxL8sqhq7BCVEOpt4XOcvfERfyXGgUba+NcZYYwIQ+uuKcxKnGmOqOhwBFkclQCKPgqsFETxaXPJWyX9cM8OG/TZX4HcpcU8QkNyB3aiHeqDaBm2f1lXvkE5vXpvrglN29lT5JwY29QEjgS4iZQwBvjBLGzcqAaSO3DDc9L0ffcW5zJe3yAbX1hGtUUhkBFuC8od3QqJfJYup3n2qVYIR347bxBPgppX5b2QqM55dKvYq4/uuTzYD2YRLkTFE2tLFt3HVJTC+Accv6Y7fWtrVYNrVbnAy1rTh0NfDpPi66XwSs/mcKtT6wswKqElGJgh1bJWaFwlFU5Wqi5pp37usE+Shgphq0cfxFbA==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MN2PR11MB4760.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016)(38070700018);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: x+NxdMDkAR9GBH1AV+50OLuubPpLNwN7YkhaaJPciXoNirzr/k9lwyoqDHFbE9z6viT5Q23i4umrLJpqdyeJ3ZjCqlEr5M0vNZY8hjtJTkcKG1oz67ThYciVI/rVO80yWXawC9AgnjFIJeRyotAYl4e87i7ZoPMON0D/hEplUVsFZj1Ys3WINzMmx9eWsanm4ggS5vwSaNqhPYgkKJL41JnVBL++7vEubvsgIuwJDNcCxUhYLYCTNS3FFZKq17Be7ydcPJYbHTPX01HBhHs8ediv1K1dnpFTUlOWWg/1RUm/ZIB4G6AZzV57GVRqSH0Og2nbtAzCW43qd8YVL5C0Wn9b8ZM6ZoRWWrcHHjGjX6lPKITd0qfiXjkRdt91/9WDbG9+OMMywJmnQEJkrU2HzeO9lFcfIJ0PlmLv+9Aiso6G3VCljtEut38+nyCKnevdggPilgJJyhLa4RiEaH8HK5IdctRbXyiz/vEbpIKCGjGZWwbRSOZP1avnewGUTEMhUugIf9PMjpNMvTTLlzpAGGWScIWfQdDbUS2G50GSPUBIjj6EUz8pt7xmd6kvGWG4D7TNhoSYyTf0xwqSdV/7hzzA2DZ1sjnM9NWY/4wE1g1Ib8Y8rbyKIWE11DYU8nGS6n0BikGt94wI4qUCpPlgyUwBEG1i//cZIVQxdl46TfN+OZk+PYtOMdjhVX6lAcvGZ2D6BGJcoyl1Bbtxy0AJs32zDaYzT8+0J4Y4cuIwWjRHUTBuYrXfJcy8D5YQjNjVA/wKcCP0jKhSyWHn+h38cgwwPD9TFbQ5faJ90uEY1BZB4L+RpY6WQhiCP1AqG3XNBUEBRe/FjRdi4giIxJCzaB42su3m7dqr4Tk3sKv1+XE1S6T1NkDc29iwApniJYy2WWwyBad+1LPMhExVR8Vc3PkL04Kt9KrJxCyys/hD9af/Ai4pyobK/6G63e/wUDy8qyfPZc24hbW1HYZt7XK08q/D7PZ00Vb56UOWuLUZWrSwkztrwry3nyr5f50jqMMDJ0AsX7VYBRRmN/0tOq6w3cH34cHhtU0rLjbt7ZNET6KINaBpJVruyTADPL0LonjNuLHa5WKjiFEd53oh+2XtwGqaNmF50xdaH0A7cNQTT59QARnl7NWTjTVpDFIKsRpg4W5c5XgaT9O43L0hZ+yIKjY7zP65M2al9LLszXl0CHKXnLJvC1z2idufWN7a+YRJ5olfeDjFghpB4NCeNm7u7TfuBjUxhJF+W4Rj8vLUKxcBOp+Ynd+V+697SkBVqQex/d/pPNzEfQmbgKohgdYmh1TUEGMdIre+AtKQ7yp//2hI+x2cj5bfwxEhgm/sOyq3XreB7ZrH5n8gegKT8j/zKzAK00fRi9NvbV7mOA7ofKPvSzh+qPhLcbNgOYGo1k5rUHC6Zxj9z6jmZ187SlFEhYvVxuqWEcHvoeNF30UUb913mYPSZ/iUDCRP0xalc7rQyB1SmxckbSlgpEG1t5H5dpBzjuNcd7eRAe1TIYiyucSPO7wimfJT33W+n1AuwV7FbbwguQhjWUsvVd14pYqPEl+eryfGg4YNQgjOsX6BpBrrUjwTTwZaT+WvyddxyTJM
Content-Type: multipart/alternative; boundary="_000_a48794ca6c544643990b88a06bd08c9bciscocom_"
MIME-Version: 1.0
X-OriginatorOrg: cisco.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR11MB4760.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 36ca4972-ca30-43d2-d313-08dcb0fe64d6
X-MS-Exchange-CrossTenant-originalarrivaltime: 31 Jul 2024 01:16:23.9499 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: eLWzfy3pBwQK6iBmPEL6uTtHBQwWB3UDY9jcQreyk8lZoDsSi4PaS4MT21iOlY5hopGD8NSAzLpUYveGHMPs9Q==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ2PR11MB7617
X-Outbound-SMTP-Client: 173.37.147.251, alln-opgw-3.cisco.com
X-Outbound-Node: alln-core-8.cisco.com
Message-ID-Hash: GO5MNJL3LK55POJWZKZP3DUJSNVCZWWB
X-Message-ID-Hash: GO5MNJL3LK55POJWZKZP3DUJSNVCZWWB
X-MailFrom: fandreas@cisco.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Wimse] Re: Token Exchange and Translation Protocol
List-Id: WIMSE Workload Identity in Multi-Service Environment <wimse.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/wimse/Gx87b1qphoexyDA1488xRy_GQq0>
List-Archive: <https://mailarchive.ietf.org/arch/browse/wimse>
List-Help: <mailto:wimse-request@ietf.org?subject=help>
List-Owner: <mailto:wimse-owner@ietf.org>
List-Post: <mailto:wimse@ietf.org>
List-Subscribe: <mailto:wimse-join@ietf.org>
List-Unsubscribe: <mailto:wimse-leave@ietf.org>
We have a charter item corresponding to this document and I don't see any other candidate documents at this time, so I vote for A. The document is pretty rough though and mostly introduces some of the problems to consider. Additionally, the document would benefit from the following: - More work on the requirements to feed into this document (per separate e-mail thread on requirements) - A set of representative use case scenarios to illustrate what we are after. This is especially important for the "token translation" scenarios. - Clarity on whether we aim to use (/profile) RFC 8693 for "token translation" or whether that is only for "token exchange" - Clarity on which token formats we want to be able to translate/exchange. While the document notes that these will be provided as "translation profiles", we shold understand the target ones early on, and develop at least some of them in parallel with the basic translation/exchange protocol. Cheers -- Flemming On 7/29/24 08:25, Justin Richer wrote: Following discussion in Vancouver, the chairs would like to begin discussion on what the next steps should be for the Token Exchange and Translation Protocol document [1], an output of the Token Exchange Design Team. This is not a call for adoption as there was a clear indication in the room that the document was not yet ready for this stage. Please reply to the list to indicate that: A: You believe this document should be developed into a state that the WG can adopt it. (Please discuss what you believe would be required changes for this. Please keep in mind that a call for adoption is a starting point for a document, not a finished document.) B: You believe this document should NOT be developed further by the WG. (Please indicate why if possible) C: You need more information before making this decision. (Please indicate what information you’d need) D: You don’t give a flying rat about this document (i.e., this is not a topic you care strongly about) Please reply to the list by August 12th, 2024. — Justin and Pieter [1] https://datatracker.ietf.org/doc/draft-saxe-wimse-token-exchange-and-translation/
- [Wimse] Token Exchange and Translation Protocol Justin Richer
- [Wimse] Re: Token Exchange and Translation Protoc… Warren Parad
- [Wimse] Re: Token Exchange and Translation Protoc… Flemming Andreasen (fandreas)
- [Wimse] Re: Token Exchange and Translation Protoc… Dean Saxe
- [Wimse] Re: Token Exchange and Translation Protoc… Dmitry Izumskiy
- [Wimse] Re: Token Exchange and Translation Protoc… Flemming Andreasen (fandreas)
- [Wimse] Re: Token Exchange and Translation Protoc… Joseph Salowey
- [Wimse] Re: Token Exchange and Translation Protoc… Dean Saxe
- [Wimse] Re: Token Exchange and Translation Protoc… Andrii Deinega
- [Wimse] Re: Token Exchange and Translation Protoc… John Kemp
- [Wimse] Re: Token Exchange and Translation Protoc… Dean Saxe
- [Wimse] Re: Token Exchange and Translation Protoc… McAdams, Darin