Adam Roach has entered the following ballot position for
draft-ietf-oauth-jwt-introspection-response-07: Discuss
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please
Brian,
Thank you for your reply and the explanation about the URI vs. an opaque value
(still wondering though about the privacy leaks but perhaps less important in
the world of OAuth).
I believe that the document would benefit if you could add some more
examples/use cases in section 1. Up to t
Hi Remco,
> On 31. Aug 2019, at 21:27, Schaar, R.M. (Remco) - Logius
> wrote:
>
> Hello Torsten,
>
> (my apologies for making a typo previously)
Thanks :-)
>
> Time of introspection is critical if you want to use the signed introspection
> response for later accountability or audit purposes
Stewart, thanks for your review. Brian, thanks for the fix. I’ve entered a No
Objection ballot.
Regards,
Alissa
> On Aug 13, 2019, at 2:43 PM, Brian Campbell
> wrote:
>
> Thanks for the review Stewart and my apologies for the slow response - I left
> on a longish summer family vacation the d
Thanks Alissa!
On Wed, Sep 4, 2019 at 8:36 AM Alissa Cooper wrote:
> Stewart, thanks for your review. Brian, thanks for the fix. I’ve entered a
> No Objection ballot.
>
> Regards,
> Alissa
>
> On Aug 13, 2019, at 2:43 PM, Brian Campbell <
> bcampbell=40pingidentity@dmarc.ietf.org> wrote:
>
>
Alissa Cooper has entered the following ballot position for
draft-ietf-oauth-jwt-introspection-response-07: No Objection
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Linda, thank you for your review. I have entered a No Objection ballot.
Alissa
> On Aug 5, 2019, at 5:22 PM, Linda Dunbar via Datatracker
> wrote:
>
> Reviewer: Linda Dunbar
> Review result: Ready
>
> I am the assigned Gen-ART reviewer for this draft. The General Area
> Review Team (Gen-ART)
As I’ve said in the past, I think there is and should be a clear difference
between a JWT access token and a JWT-formatted response from any endpoint. It
gets extra fuzzy here because the response from the endpoint represents the
token being introspected.
However, I think they are still two ver
One of the issues I have with the current structure aligns with Ben’s comments
below — we have two things that feel token-ish, the input token and the
resulting JWT response. However, the JWT in the response is not actually a
:token: in the OAuth sense. Instead, it’s an assertion that carries pa
+1
This feels like it has similar requirements and concerns as for SET and may be
should leverage it to avoid confusion and inconsistencies down the road.
Phil
> On Sep 4, 2019, at 12:49 PM, Justin Richer wrote:
>
> As I’ve said in the past, I think there is and should be a clear difference
Thanks Adam, for the review and No Objection ballot.
On Wed, Sep 4, 2019 at 12:07 AM Adam Roach via Datatracker
wrote:
> Adam Roach has entered the following ballot position for
> draft-ietf-oauth-resource-indicators-05: No Objection
>
> --
> Yeah, with query parameters lacking the hierarchical semantics that the path
> component has, it is much less clear. In fact, an earlier revision of the
> draft forbid the query part as I was trying to avoid the ambiguity that it
> brings. But there were enough folks with some use case for it
To be clear, I am in no way suggesting we should leverage SET for this draft.
That would be a terrible idea. I am saying that the solution might be a similar
pattern that SET used for grouping the claims under a top level claim. It’s a
pattern I wish more applications of JWT would use, but JWT s
Thanks Barry, I kinda like it. Although I'm a bit hesitant to make a change
like that at this stage. I guess I'd be looking for a little more buy-in
from folks first. Though it's not actually a functional breaking change. So
maybe okay to just go with.
On Wed, Sep 4, 2019 at 2:54 PM Barry Leiba w
Benjamin Kaduk has entered the following ballot position for
draft-ietf-oauth-resource-indicators-05: No Objection
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Pleas
Thanks Ben, for the review and non-objectional ballot.
On Wed, Sep 4, 2019 at 3:13 PM Benjamin Kaduk via Datatracker <
nore...@ietf.org> wrote:
> Benjamin Kaduk has entered the following ballot position for
> draft-ietf-oauth-resource-indicators-05: No Objection
-
On Wed, Sep 04, 2019 at 05:19:27PM -0600, Brian Campbell wrote:
> Thanks Ben, for the review and non-objectional ballot.
>
> On Wed, Sep 4, 2019 at 3:13 PM Benjamin Kaduk via Datatracker <
> nore...@ietf.org> wrote:
>
> > Benjamin Kaduk has entered the following ballot position for
> > draft-ietf
On Wed, Sep 4, 2019 at 5:55 PM Benjamin Kaduk wrote:
> On Wed, Sep 04, 2019 at 05:19:27PM -0600, Brian Campbell wrote:
> > Thanks Ben, for the review and non-objectional ballot.
> >
> > On Wed, Sep 4, 2019 at 3:13 PM Benjamin Kaduk via Datatracker <
> > nore...@ietf.org> wrote:
> >
> > > Benjamin
18 matches
Mail list logo
