Hi Mike, I've suggested one extra clarification, but the rest of the changes made the document better. Thank you, Alexey
On Wed, Feb 28, 2018, at 3:04 AM, Mike Jones wrote: > I believe that the changes in > https://tools.ietf.org/html/draft-ietf-oauth-discovery-09 address the > DISCUSS and comments. Please review – ideally before the upcoming > telechat.> > Thanks again,> > -- Mike > > *From:* Mike Jones *Sent:* Monday, February 26, 2018 11:03 PM *To:* > The IESG <[email protected]>; Alexey Melnikov <[email protected]> > *Cc:* [email protected]; [email protected]; > [email protected] *Subject:* RE: [OAUTH-WG] Alexey Melnikov's Discuss on > draft-ietf-oauth-discovery-08: (with DISCUSS and COMMENT)> > The attached drafts address the DISCUSSes from Adam and Alexey in the > ways proposed. A summary of the changes from -08 is:> · Revised the > transformation between the issuer identifier and > the authorization server metadata location to conform to BCP 190, as > suggested by Adam Roach.> · Defined the characters allowed in > registered metadata names > and values, as suggested by Alexey Melnikov.> · Changed to using the > RFC 8174 boilerplate instead of the RFC > 2119 boilerplate, as suggested by Ben Campbell.> · Acknowledged > additional reviewers. > I’ve attached both source and .txt versions to facilitate comparison > to -08. Unless I hear additional suggestions for improvements by my > end of business Tuesday, I’ll plan to publish this as -09.> > Thanks all, > -- Mike > > *From:* Mike Jones *Sent:* Sunday, January 28, 2018 7:23 AM *To:* The > IESG <[email protected]>; Alexey Melnikov <[email protected]> *Cc:* > [email protected]; [email protected]; > [email protected] *Subject:* Re: [OAUTH-WG] Alexey Melnikov's Discuss on > draft-ietf-oauth-discovery-08: (with DISCUSS and COMMENT)> > Your understanding matches with the intent of the language from RFC > 7638. I'll plan to proceed on that basis then.> Thanks again, > -- Mike > From: Alexey Melnikov > Sent: Sunday, January 28, 7:04 AM > Subject: Re: [OAUTH-WG] Alexey Melnikov's Discuss on > draft-ietf-oauth-discovery- > 08: (with DISCUSS and COMMENT)> To: Mike Jones, The IESG > Cc: [email protected], [email protected], > [email protected]> Hi Mike, On Wed, Jan 24, 2018, at 10:11 PM, Mike Jones wrote: > > Thanks > for the useful review, Alexey. I propose that we use the same > > character restrictions that are described in > > https://tools.ietf.org/html/rfc7638#section-6, which are: > > (a) > require that member names being registered use > only printable ASCII > characters excluding double quote ('"') and > backslash ('\') (the > Unicode characters with code points U+0021, > U+0023 through U+005B, > and U+005D through U+007E), This looks reasonable. > or > > (b) if new > members are defined that use other code > points, require that their > definitions specify the exact Unicode code > point sequences used to > represent them. Furthermore, proposed > registrations that use Unicode > code points that can only be > represented in JSON strings as escaped > characters must not be > accepted. So just to double check: it is Ok > to register names in Greek or Cyrillic (for example) and they will be > compared in a case sensitive manner? > I also propose that we say that > member name comparison occurs in the > manner described in > https://tools.ietf.org/html/rfc7159#section-8.3. My understanding is > that RFC 7159 recommends case-sensitive comparison and that is fine > with me. > Will that work for you, Alexey? Best Regards, Alexey > > > Thanks, > -- Mike > > -----Original Message----- > From: Alexey > Melnikov [mailto:[email protected]] > Sent: Wednesday, January > 24, 2018 12:06 AM > To: The IESG > Cc: draft-ietf-oauth- > [email protected]; Hannes Tschofenig > ; [email protected]; > > [email protected]; [email protected] > Subject: Alexey Melnikov's > Discuss on draft-ietf-oauth-discovery-08: > (with DISCUSS and COMMENT) > > > Alexey Melnikov has entered the following ballot position for > > draft-ietf-oauth-discovery-08: Discuss > > When responding, please > keep the subject line intact and reply to all > email addresses > included in the To and CC lines. (Feel free to cut this > introductory > paragraph, however.) > > > Please refer to > https://www.ietf.org/iesg/statement/discuss-criteria.html > for more > information about IESG DISCUSS and COMMENT positions. > > > The > document, along with other ballot positions, can be found here: > > https://datatracker.ietf.org/doc/draft-ietf-oauth-discovery/ > > > > > ---------------------------------------------------------------------- > > DISCUSS: > > > --------------------------------------------------------------------- > - > > Thank you for the well written IANA Considerations section. I > have one > comment on it which should be easy to resolve: > > The > document doesn't seem to say anything about allowed characters in > > Metadata names. When the document talks about "case-insensitive > > matching", it is not clear how to implement the matching, because it > is > not clear whether or not Metadata names are ASCII only. If they > are not, > then you need to better define what "case insensitive" > means. > > > > --------------------------------------------------------------------- > - > COMMENT: > > --------------------------------------------------------------------- > - > > I am agreeing with Adam's DISCUSS. > > > > _______________________________________________ > OAuth mailing list > > [email protected] > https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
