[OAUTH-WG] Adam Roach's Discuss on draft-ietf-oauth-jwt-bcp-06: (with DISCUSS and COMMENT)

2019-06-24 Thread Adam Roach via Datatracker
Adam Roach has entered the following ballot position for draft-ietf-oauth-jwt-bcp-06: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://ww

Re: [OAUTH-WG] ID Token by Device Flow

2019-06-24 Thread Nat Sakimura
If you are willing to draft one, it should be able to be done reasonably quickly at OIDF. On Mon, Jun 24, 2019 at 8:17 PM William Denniss wrote: > > Hi Taka, > > On Mon, Jun 24, 2019 at 12:16 PM Takahiko Kawasaki wrote: >> >> Hi Justin, >> >> Thank you. Consensus will be that "openid" in the "sc

Re: [OAUTH-WG] ID Token by Device Flow

2019-06-24 Thread William Denniss
Hi Taka, On Mon, Jun 24, 2019 at 12:16 PM Takahiko Kawasaki wrote: > Hi Justin, > > Thank you. Consensus will be that "openid" in the "scope" request > parameter should trigger generation of an ID token. > +1, and the last time I checked, that’s how Google's implementation behaved. I'm wonderi

[OAUTH-WG] Benjamin Kaduk's Discuss on draft-ietf-oauth-jwt-bcp-06: (with DISCUSS and COMMENT)

2019-06-24 Thread Benjamin Kaduk via Datatracker
Benjamin Kaduk has entered the following ballot position for draft-ietf-oauth-jwt-bcp-06: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https:

Re: [OAUTH-WG] Second AD Review: draft-ietf-oauth-mtls

2019-06-24 Thread Brian Campbell
Thanks Roman, I'll work to incorporate those suggestions into the next revision before the impending I-D submission cutoff date. On Mon, Jun 24, 2019 at 2:14 PM Roman Danyliw wrote: > Hi Brian! > > > > My response is inline ... > > > > *From:* Brian Campbell [mailto:bcampb...@pingidentity.com] >

Re: [OAUTH-WG] Second AD Review: draft-ietf-oauth-mtls

2019-06-24 Thread Roman Danyliw
Hi Brian! My response is inline ... From: Brian Campbell [mailto:bcampb...@pingidentity.com] Sent: Monday, June 24, 2019 1:17 PM To: Roman Danyliw Cc: oauth Subject: Re: [OAUTH-WG] Second AD Review: draft-ietf-oauth-mtls Thanks for the additional review, Roman. I feel lucky, it's not often one

Re: [OAUTH-WG] [Gen-art] Genart telechat review of draft-ietf-oauth-jwt-bcp-06

2019-06-24 Thread Alissa Cooper
Brian, thanks for your reviews of this document. Yaron, thanks for addressing Brian’s comments. I entered a Yes ballot. Alissa > On Jun 13, 2019, at 10:12 PM, Brian Carpenter via Datatracker > wrote: > > Reviewer: Brian Carpenter > Review result: Ready > > Gen-ART telechat review of draft-ie

[OAUTH-WG] Alissa Cooper's Yes on draft-ietf-oauth-jwt-bcp-06: (with COMMENT)

2019-06-24 Thread Alissa Cooper via Datatracker
Alissa Cooper has entered the following ballot position for draft-ietf-oauth-jwt-bcp-06: Yes When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www

Re: [OAUTH-WG] ID Token by Device Flow

2019-06-24 Thread Takahiko Kawasaki
Hi Justin, Thank you. Consensus will be that "openid" in the "scope" request parameter should trigger generation of an ID token. I'm wondering if the WG plans to mention it explicitly in the spec and add "acr_values" request parameter. Best Regards, Taka 2019年6月25日(火) 1:13 Justin Richer : > Ta

Re: [OAUTH-WG] Second AD Review: draft-ietf-oauth-mtls

2019-06-24 Thread Brian Campbell
Thanks for the additional review, Roman. I feel lucky, it's not often one gets *two* AD reviews :) Please see below for replies inline with a few followup questions. On Sat, Jun 22, 2019 at 12:29 PM Roman Danyliw wrote: > Hi! > > I conducted as second AD review of draft-ietf-oauth-mtls per th

Re: [OAUTH-WG] ID Token by Device Flow

2019-06-24 Thread Justin Richer
Taka, My reading is that the device flow, like other OAuth flows, does not prohibit extension, including passing back identity assertions like the ID Token. Since it inherits the token response from core OAuth 2, the ID Token could be issued along side the access token just like in the authoriz

[OAUTH-WG] Barry Leiba's Yes on draft-ietf-oauth-jwt-bcp-06: (with COMMENT)

2019-06-24 Thread Barry Leiba via Datatracker
Barry Leiba has entered the following ballot position for draft-ietf-oauth-jwt-bcp-06: Yes When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.i