Hi Mark, > Am 20.07.2018 um 17:47 schrieb Mark Dobrinic <[email protected]>: > > I +1 this,
thanks > > but at the same time, I'm wondering what happened with the argument that > this should be solved by Token Exchange instead of Introspect? We presented two use case in London, (1) providing evidence for the RS’s audit log and (2) providing/transforming tokens by a reverse proxy in front of a resource server. The WG advised us to consider token exchange for (2) so the current draft only addresses (1). kind regards, Torsten. > > Cheers! > > Mark > > >> On 20/07/18 17:39, Phil Hunt wrote: >> +1 adoption >> >> I have always been concerned about clients doing introspection. Use of >> jwt helps because responses further restricted rather than less (jwe). >> >> Phil >> >> On Jul 20, 2018, at 7:25 AM, Rob Otto >> <[email protected] >> <mailto:[email protected]>> wrote: >> >>> I support this as well >>> >>> On Fri, 20 Jul 2018 at 15:22, Brian Campbell >>> <[email protected] >>> <mailto:[email protected]>> wrote: >>> >>> +1 >>> >>> On Thu, Jul 19, 2018 at 1:51 PM, William Denniss >>> <[email protected] >>> <mailto:[email protected]>> wrote: >>> >>> I support adoption of this document by the working group. >>> >>> >>> On Thu, Jul 19, 2018 at 10:43 AM, Rifaat Shekh-Yusef >>> <[email protected] <mailto:[email protected]>> wrote: >>> >>> Hi all, >>> >>> This is the call for adoption of the 'JWT Response for >>> OAuth Token Introspection' document following the >>> presentation by Torsten at the Montreal IETF meeting where >>> we didn't have a chance to do a call for adoption in the >>> meeting itself. >>> >>> Here is presentation by Torsten: >>> >>> https://datatracker.ietf.org/meeting/102/materials/slides-102-oauth-sessa-jwt-response-for-oauth-token-introspection-00 >>> >>> Here is the document: >>> >>> https://tools.ietf.org/html/draft-lodderstedt-oauth-jwt-introspection-response-01 >>> >>> Please let us know by August 2nd whether you accept / >>> object to the adoption of this document as a starting >>> point for work in the OAuth working group. >>> >>> Regards, >>> Hannes & Rifaat >>> >>> _______________________________________________ >>> OAuth mailing list >>> [email protected] <mailto:[email protected]> >>> https://www.ietf.org/mailman/listinfo/oauth >>> >>> >>> >>> _______________________________________________ >>> OAuth mailing list >>> [email protected] <mailto:[email protected]> >>> https://www.ietf.org/mailman/listinfo/oauth >>> >>> >>> >>> /CONFIDENTIALITY NOTICE: This email may contain confidential and >>> privileged material for the sole use of the intended recipient(s). >>> Any review, use, distribution or disclosure by others is strictly >>> prohibited... If you have received this communication in error, >>> please notify the sender immediately by e-mail and delete the >>> message and any file attachments from your computer. Thank >>> you./_______________________________________________ >>> OAuth mailing list >>> [email protected] <mailto:[email protected]> >>> https://www.ietf.org/mailman/listinfo/oauth >>> >>> >>> >>> -- >>> <https://www.pingidentity.com>Ping Identity >>> <https://www.pingidentity.com> >>> Rob Otto >>> EMEA Field CTO/Solutions Architect >>> [email protected] <mailto:[email protected]> >>> >>> c: +44 (0) 777 135 6092 >>> >>> Connect with us: Glassdoor logo >>> <https://www.glassdoor.com/Overview/Working-at-Ping-Identity-EI_IE380907..11,24.htm> >>> LinkedIn logo <https://www.linkedin.com/company/21870> twitter logo >>> <https://twitter.com/pingidentity> facebook logo >>> <https://www.facebook.com/pingidentitypage> youtube logo >>> <https://www.youtube.com/user/PingIdentityTV> Google+ logo >>> <https://plus.google.com/u/0/114266977739397708540> Blog logo >>> <https://www.pingidentity.com/en/blog.html> >>> >>> <https://www.gartner.com/doc/reprints?id=1-5423XKW&ct=180620&st=sb> >>> >>> /CONFIDENTIALITY NOTICE: This email may contain confidential and >>> privileged material for the sole use of the intended recipient(s). Any >>> review, use, distribution or disclosure by others is strictly >>> prohibited.. If you have received this communication in error, please >>> notify the sender immediately by e-mail and delete the message and any >>> file attachments from your computer. Thank you./ >>> _______________________________________________ >>> OAuth mailing list >>> [email protected] <mailto:[email protected]> >>> https://www.ietf.org/mailman/listinfo/oauth >> >> >> _______________________________________________ >> OAuth mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/oauth >> > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
