The text is now correct and you’re right where the link should go, but this
appears to be a bug in the rfcmarkup<https://tools.ietf.org/tools/rfcmarkup/>
tool that automatically creates the HTMLized version from the .txt version.
I’ll try to experiment to see if I can work around the bug – for instance,
changing “Section 7 of the JSON Web Key [JWK] specification” to Section 7 of
[JWK]” and see if that helps the tool get it right. I’ll also look into filing
a bug on the tool.
Thanks for double-checking, Brian.
-- Mike
From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Brian Campbell
Sent: Thursday, July 30, 2015 5:43 AM
To: oauth
Subject: [OAUTH-WG] JWT PoP Key Semantics WGLC followup 1 (was Re: refs and
links in proof-of-possession-02 section 3.2)
In -03 the link is still back to the same doc and now to an anchor that doesn't
exist,
https://tools.ietf.org/html/draft-ietf-oauth-proof-of-possession-03#section-7<https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftools.ietf.org%2fhtml%2fdraft-ietf-oauth-proof-of-possession-03%23section-7&data=01%7c01%7cMichael.Jones%40microsoft.com%7c5c412cf1fc9748899edf08d298dc724c%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=4mazqodL3i6qJrGKlUdVAA66%2bifTwrFxSNBQhxMwRao%3d>
rather than to the section in JWK/RFC7517 where I assume it's intended,
http://tools.ietf.org/html/rfc7517#section-7<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2ftools.ietf.org%2fhtml%2frfc7517%23section-7&data=01%7c01%7cMichael.Jones%40microsoft.com%7c5c412cf1fc9748899edf08d298dc724c%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=HR7d5qNE%2b61B8ti0h19cWHwpRS0p6%2fBaUQerQSHfAc0%3d>
On Sun, Mar 22, 2015 at 8:13 PM, Brian Campbell
<bcampb...@pingidentity.com<mailto:bcampb...@pingidentity.com>> wrote:
In §3.2. Proof-of-Possession of a Symmetric
Key<https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftools.ietf.org%2fhtml%2fdraft-ietf-oauth-proof-of-possession-02%23section-3.2&data=01%7c01%7cMichael.Jones%40microsoft.com%7c5c412cf1fc9748899edf08d298dc724c%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=O8koxIiKG4KgbzGKrfAOy7kQ9YkRmGu4SlKTvLnfvoI%3d>
it has "The rules for encrypting a JWK are found in Section 6 of the JSON Web
Key [JWK] specification.", which has two issues.
1) the Section 6 link is to the same document at
https://tools.ietf.org/html/draft-ietf-oauth-proof-of-possession-02#section-6<https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftools.ietf.org%2fhtml%2fdraft-ietf-oauth-proof-of-possession-02%23section-6&data=01%7c01%7cMichael.Jones%40microsoft.com%7c5c412cf1fc9748899edf08d298dc724c%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=Syxt3ZCKVio98eb3YVon7zSUZLJITiJiMfpI%2bhvwo1A%3d>
which kinda works because it's the References. But is probably not what was
intended. I think
http://www.ietf.org/mail-archive/web/jose/current/msg04571.html<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fwww.ietf.org%2fmail-archive%2fweb%2fjose%2fcurrent%2fmsg04571.html&data=01%7c01%7cMichael.Jones%40microsoft.com%7c5c412cf1fc9748899edf08d298dc724c%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=jsG7h0tpLLziNVWERyga2k624XO3qF6rvm3ylM3azIc%3d>
has some info on how to fix that kind of thing.
2) It should actually refer to section
7<https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftools.ietf.org%2fhtml%2fdraft-ietf-jose-json-web-key-41%23section-7&data=01%7c01%7cMichael.Jones%40microsoft.com%7c5c412cf1fc9748899edf08d298dc724c%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=H4Er20uPM2HQwgpvg6koLJibn7JBRsrgGisfGmDU7Qg%3d>
of JWK rather than 6 as section 6 is about "String Comparison Rules" and 7 is
"Encrypted JWK and Encrypted JWK Set Formats".
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
