Re: [OAUTH-WG] Fwd: New Version Notification for draft-lodderstedt-oauth-jwt-introspection-response-00.txt

[Brock Allen]

Why is TLS to the intospection endpoint not sufficient? Are you thinking there 
needs to be some multi-tenancy support of some kind?


-Brock

On 3/18/2018 3:33:16 PM, Torsten Lodderstedt <tors...@lodderstedt.net> wrote:
Hi all,

I just submitted a new draft that Vladimir Dzhuvinov and I have written. It 
proposes a JWT-based response type for Token Introspection. The objective is to 
provide resource servers with signed tokens in case they need cryptographic 
evidence that the AS created the token (e.g. for liability). 

I will present the new draft in the session on Wednesday.

kind regards,
Torsten. 


Anfang der weitergeleiteten Nachricht:

Von: internet-dra...@ietf.org [mailto:internet-dra...@ietf.org]

Betreff: New Version Notification for 
draft-lodderstedt-oauth-jwt-introspection-response-00.txt

Datum: 18. März 2018 um 20:19:37 MEZ

An: "Vladimir Dzhuvinov" <vladi...@connect2id.com 
[mailto:vladi...@connect2id.com]>, "Torsten Lodderstedt" 
<tors...@lodderstedt.net [mailto:tors...@lodderstedt.net]>



A new version of I-D, draft-lodderstedt-oauth-jwt-introspection-response-00..txt
has been successfully submitted by Torsten Lodderstedt and posted to the
IETF repository.

Name: draft-lodderstedt-oauth-jwt-introspection-response
Revision: 00
Title: JWT Response for OAuth Token Introspection
Document date: 2018-03-15
Group: Individual Submission
Pages: 5
URL:            
https://www.ietf.org/internet-drafts/draft-lodderstedt-oauth-jwt-introspection-response-00.txt
 
[https://www.ietf.org/internet-drafts/draft-lodderstedt-oauth-jwt-introspection-response-00.txt]
Status:         
https://datatracker..ietf.org/doc/draft-lodderstedt-oauth-jwt-introspection-response/
 
[https://datatracker.ietf.org/doc/draft-lodderstedt-oauth-jwt-introspection-response/]
Htmlized:       
https://tools.ietf.org/html/draft-lodderstedt-oauth-jwt-introspection-response-00
 
[https://tools.ietf.org/html/draft-lodderstedt-oauth-jwt-introspection-response-00]
Htmlized:       
https://datatracker.ietf.org/doc/html/draft-lodderstedt-oauth-jwt-introspection-response
 
[https://datatracker.ietf.org/doc/html/draft-lodderstedt-oauth-jwt-introspection-response]


Abstract:
  This draft proposes an additional JSON Web Token (JWT) based response
  for OAuth 2.0 Token Introspection.




Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org 
[http://tools.ietf.org].

The IETF Secretariat



_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth