Hi Robert,
Good question. Chasing the RFC reference chains, RFC 6920 says that algorithms
have the syntax
1*unreserved
where "unreserved" is from RFC 3986, Section 2.3. That section defines the
unreserved character set as
unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~".
These are all characters that do not require encoding.
So I think we're good to go.
Thanks again,
-- Mike
-----Original Message-----
From: Robert Wilton via Datatracker <[email protected]>
Sent: Friday, May 27, 2022 2:57 AM
To: The IESG <[email protected]>
Cc: [email protected]; [email protected];
[email protected]; [email protected]; [email protected]
Subject: Robert Wilton's No Objection on
draft-ietf-oauth-jwk-thumbprint-uri-02: (with COMMENT)
Robert Wilton has entered the following ballot position for
draft-ietf-oauth-jwk-thumbprint-uri-02: No Objection
When responding, please keep the subject line intact and reply to all email
addresses included in the To and CC lines. (Feel free to cut this introductory
paragraph, however.)
Please refer to
https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
for more information about how to handle DISCUSS and COMMENT positions.
The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-oauth-jwk-thumbprint-uri/
----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------
Hi,
I just wanted to confirm that the names of "Hash Name String" in the IANA
registry are always such that they can be directly used in URLs without
encoding. RFC 6920, section 9.4, didn't seem to specify any restriction, but
text if the rest of that RFC (that I'm not really familiar with) seems to
suggest/indicate that they use a restricted character set and hence are safe to
directly embed.
Thanks,
Rob
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
