On Wed, Mar 11, 2020 at 11:39:00PM +0000, Mike Jones wrote: > [Adding correct e-mail addresses for Chuck, who recently joined Visa] > > > > There are two reasons that I believe not using up one of the scarce one-byte > claim identifiers for "scope" is appropriate: > > 1. The claim values for scopes are not short themselves. They are sets of > ASCII strings separated by spaces. So the percentage difference in the total > claim representation from adding a single byte will typically be small..
ACE allows the scope to be a binary value and to use a different convention than space-separated for multi-value scopes. > 2. The single-byte claim identifiers already registered at > https://www.iana.org/assignments/cwt/cwt.xhtml are claims that are likely to > be useful to diverse sets of applications, and therefore merit the short > identifiers; whereas, the scope claim is specific to the ACE OAuth protocol > and not applicable to diverse sets of applications. It's reasonable to give > protocol-specific claim identifiers 2-byte representations. (This point I don't have a good response for.) -Ben > > > I'd be interested to hear from the two other designated experts on my > assessment of the situation: Hannes and Chuck. > > > > -- Mike > > > > -----Original Message----- > From: Cwt-reg-review <cwt-reg-review-boun...@ietf.org> On Behalf Of Ludwig > Seitz > Sent: Saturday, February 29, 2020 6:25 AM > To: drafts-expert-rev...@iana.org; cwt-reg-rev...@ietf.org > Cc: draft-ietf-ace-oauth-au...@ietf.org; ace@ietf.org > Subject: [EXTERNAL] Re: [Cwt-reg-review] [IANA #1158953] Requested review for > IANA registration in draft-ietf-ace-oauth-authz (cwt - CBOR Web Token Claims) > > > > On 2020-02-26 00:58, Amanda Baber via RT wrote: > > > Ludwig, Hannes, > > > > > > Can you confirm that you can make the CBOR Web Token Claim change > > > requested below? > > > > > > We also have Chuck Mortimore listed as an expert for this registry, > > > but our message to his Salesforce address bounced. > > > > > > Best regards, > > > > > > Amanda Baber Lead IANA Services Specialist > > > > > > > I strongly disagree with the assessment that the scope claim should be pushed > into the two-byte range. > > > > The reason we introduced the scope claim is that an ACE RS typically does not > have a direct connection to the AS, and is therefore unable to retrieve the > scope of an access token from other sources than the access token itself. I > therefore assert that ACE access tokens would often need to contain this > claim in order to inform the RS. > > Since one of the major drivers of the ACE work has been to reduce the > authorization overhead (otherwise we could just have used vanilla OAuth 2.0), > I find it strange to needlessly add to the overhead by making the encoding of > a frequently used claim longer than necessary. > > > > I am willing to listen to the arguments that have lead the expert reviewer to > denying a value in the one-byte range, and discuss the reasoning further on > list. > > > > Regards, > > > > Ludwig > > > > > > > On Tue Feb 18 22:42:22 2020, > > michael.jo...@microsoft.com<mailto:michael.jo...@microsoft.com> wrote: > > >> I'm mostly OK with these registrations, however, DO NOT assign the > > >> value 9 to "scope". Rather, please put it in the two-byte range > > >> - for instance, with the value 41. > > >> > > >> -- Mike > > >> > > >> -----Original Message----- From: Cwt-reg-review > > >> <cwt-reg-review-boun...@ietf.org<mailto:cwt-reg-review-boun...@ietf.org>> > >> On Behalf Of Sabrina Tanamal via RT > > >> Sent: Tuesday, February 18, 2020 1:06 PM Cc: > > >> cwt-reg-rev...@ietf.org<mailto:cwt-reg-rev...@ietf.org> Subject: > >> [EXTERNAL] [Cwt-reg-review] [IANA > > >> #1158953] Requested review for IANA registration in > > >> draft-ietf-ace-oauth-authz (cwt - CBOR Web Token Claims) > > >> > > >> Hi all, > > >> > > >> Resending this request for draft-ietf-ace-oauth-authz. > > >> > > >> Thanks, > > >> > > >> Sabrina Tanamal Senior IANA Services Specialist > > >> > > >>> On Sat Dec 21 11:37:11 2019, > >>> ludwig_se...@gmx.de<mailto:ludwig_se...@gmx.de> wrote: > > >>>> Hello CWT registry reviewers, > > >>>> > > >>>> the IESG-designated experts for the CWT claims registry have asked > > >>>> me to send a review request to you about the claims registered > > >>>> here: > > >>>> > > >>>> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ft > > >>>> o > > >>>> > > >>>> > > ols.ietf.org%2Fhtml%2Fdraft-ietf-ace-oauth-authz-29%23section- > > >>>> 8.13&a > > >>>> mp;data=02%7C01%7CMichael.Jones%40microsoft.com%7Ce23f64ac1ad74269c > > >>>> 3 > > >>>> > > >>>> > > c408d7b4b65d45%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C63717656 > > >>>> 7656665548&sdata=r01W5Bx0gJh9ZPH8eNS%2BY765CnGq11DkknsHYQ751Dk% > > >>>> 3 > > >>>> > > >>>> > > D&reserved=0 > > >>>> > > >>>> Thank you in advance for you review comments. > > >>>> > > >>>> Regards, > > >>>> > > >>>> Ludwig > > >>>> > > >> > > >> _______________________________________________ Cwt-reg-review > > >> mailing list cwt-reg-rev...@ietf.org<mailto:cwt-reg-rev...@ietf.org> > > >> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww > > >> .ietf.org%2Fmailman%2Flistinfo%2Fcwt- > > >> > > >> > > reg- > > >> review&data=02%7C01%7CMichael.Jones%40microsoft.com%7Ce23f64ac1ad > > >> 74269c3c408d7b4b65d45%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C63 > > >> 7176567656675543&sdata=XxBhQmqxGkCRiBxh0PdhX2IJD8TnbwWl%2Feo8VUsH > > >> Osg%3D&reserved=0 > > > > > > > _______________________________________________ > > Cwt-reg-review mailing list > > cwt-reg-rev...@ietf.org<mailto:cwt-reg-rev...@ietf.org> > > https://www.ietf.org/mailman/listinfo/cwt-reg-review > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace