[OAUTH-WG] I-D Action: draft-ietf-oauth-resource-metadata-00.txt

2023-09-06 Thread internet-drafts 
Internet-Draft draft-ietf-oauth-resource-metadata-00.txt is now available. It
is a work item of the Web Authorization Protocol (OAUTH) WG of the IETF.

   Title:   OAuth 2.0 Protected Resource Metadata
   Authors: Michael B. Jones
Phil Hunt
Aaron Parecki
   Name:draft-ietf-oauth-resource-metadata-00.txt
   Pages:   21
   Dates:   2023-09-06

Abstract:

   This specification defines a metadata format that an OAuth 2.0 client
   can use to obtain the information needed to interact with an OAuth
   2.0 protected resource.

The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-resource-metadata/

There is also an HTMLized version available at:
https://datatracker.ietf.org/doc/html/draft-ietf-oauth-resource-metadata-00

Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts


___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Re: [OAUTH-WG] OAuth 2.0 Protected Resource Metadata now with WWW-Authenticate

2023-09-06 Thread Rebecca Warren 


Get Outlook for iOS
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Re: [OAUTH-WG] Call for adoption - Protected Resource Metadata

2023-09-06 Thread Atul Tulshibagwale 
I too have these open questions:
https://mailarchive.ietf.org/arch/msg/oauth/NLj-xnAZ4BtFs9z62OzCro4xxoc/
But I hope they are answered as the draft progresses in the WG.

On Wed, Sep 6, 2023 at 7:08 AM Brian Campbell  wrote:

> I did have a few unanswered comments/questions on the draft
> https://mailarchive.ietf.org/arch/msg/oauth/LA6sqNOV98D7wP44p2Hl6dpSmtg/
> that hopefully can be addressed as it progresses.
>
> On Wed, Sep 6, 2023 at 5:50 AM Rifaat Shekh-Yusef 
> wrote:
>
>> All,
>>
>> Based on the responses on this thread, we declare the *Protected
>> Resource Metadata* draft adopted as a WG document.
>>
>>
>> Authors,
>>
>> Feel free to submit a WG document at your convenience.
>>
>> Regards,
>>  Rifaat & Hannes
>>
>>
>> On Mon, Aug 28, 2023 at 5:28 AM Takahiko Kawasaki 
>> wrote:
>>
>>> I support adoption.
>>>
>>> In the past, when considering the encryption of JWT access tokens, I
>>> learned that the draft regarding the metadata of the resource server had
>>> expired, which was disappointing. For an authorization server to encrypt an
>>> access token with an asymmetric algorithm, it must obtain a public key of
>>> the target resource server, but there was no standardized way. I'm glad to
>>> see the specification has been revived. If it had been revived a bit
>>> earlier, the addition that was made as "client" metadata in the "JWT
>>> Response for OAuth Token Introspection" specification would likely have
>>> been treated as metadata for the "resource server."
>>>
>>> Best Regards,
>>> Takahiko Kawasaki
>>>
>>>
>>> On Thu, Aug 24, 2023 at 4:02 AM Rifaat Shekh-Yusef <
>>> rifaat.s.i...@gmail.com> wrote:
>>>
 All,

 This is an official call for adoption for the *Protected Resource
 Metadata* draft:
 https://datatracker.ietf.org/doc/draft-jones-oauth-resource-metadata/

 Please, reply on the mailing list and let us know if you are in favor
 of adopting this draft as WG document, by *Sep 6th.*

 Regards,
  Rifaat & Hannes

 ___
 OAuth mailing list
 OAuth@ietf.org
 https://www.ietf.org/mailman/listinfo/oauth

>>> ___
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>>
>
> *CONFIDENTIALITY NOTICE: This email may contain confidential and
> privileged material for the sole use of the intended recipient(s). Any
> review, use, distribution or disclosure by others is strictly prohibited.
> If you have received this communication in error, please notify the sender
> immediately by e-mail and delete the message and any file attachments from
> your computer. Thank you.*___
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Re: [OAUTH-WG] Call for adoption - Protected Resource Metadata

2023-09-06 Thread Brian Campbell 
I did have a few unanswered comments/questions on the draft
https://mailarchive.ietf.org/arch/msg/oauth/LA6sqNOV98D7wP44p2Hl6dpSmtg/
that hopefully can be addressed as it progresses.

On Wed, Sep 6, 2023 at 5:50 AM Rifaat Shekh-Yusef 
wrote:

> All,
>
> Based on the responses on this thread, we declare the *Protected Resource
> Metadata* draft adopted as a WG document.
>
>
> Authors,
>
> Feel free to submit a WG document at your convenience.
>
> Regards,
>  Rifaat & Hannes
>
>
> On Mon, Aug 28, 2023 at 5:28 AM Takahiko Kawasaki 
> wrote:
>
>> I support adoption.
>>
>> In the past, when considering the encryption of JWT access tokens, I
>> learned that the draft regarding the metadata of the resource server had
>> expired, which was disappointing. For an authorization server to encrypt an
>> access token with an asymmetric algorithm, it must obtain a public key of
>> the target resource server, but there was no standardized way. I'm glad to
>> see the specification has been revived. If it had been revived a bit
>> earlier, the addition that was made as "client" metadata in the "JWT
>> Response for OAuth Token Introspection" specification would likely have
>> been treated as metadata for the "resource server."
>>
>> Best Regards,
>> Takahiko Kawasaki
>>
>>
>> On Thu, Aug 24, 2023 at 4:02 AM Rifaat Shekh-Yusef <
>> rifaat.s.i...@gmail.com> wrote:
>>
>>> All,
>>>
>>> This is an official call for adoption for the *Protected Resource
>>> Metadata* draft:
>>> https://datatracker.ietf.org/doc/draft-jones-oauth-resource-metadata/
>>>
>>> Please, reply on the mailing list and let us know if you are in favor of
>>> adopting this draft as WG document, by *Sep 6th.*
>>>
>>> Regards,
>>>  Rifaat & Hannes
>>>
>>> ___
>>> OAuth mailing list
>>> OAuth@ietf.org
>>> https://www.ietf.org/mailman/listinfo/oauth
>>>
>> ___
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>

-- 
_CONFIDENTIALITY NOTICE: This email may contain confidential and privileged 
material for the sole use of the intended recipient(s). Any review, use, 
distribution or disclosure by others is strictly prohibited.  If you have 
received this communication in error, please notify the sender immediately 
by e-mail and delete the message and any file attachments from your 
computer. Thank you._
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

[OAUTH-WG] (no subject)

2023-09-06 Thread Hector Zepeda 
Downloaded and install
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Re: [OAUTH-WG] Call for adoption - Protected Resource Metadata

2023-09-06 Thread Rifaat Shekh-Yusef 
All,

Based on the responses on this thread, we declare the *Protected Resource
Metadata* draft adopted as a WG document.


Authors,

Feel free to submit a WG document at your convenience.

Regards,
 Rifaat & Hannes


On Mon, Aug 28, 2023 at 5:28 AM Takahiko Kawasaki  wrote:

> I support adoption.
>
> In the past, when considering the encryption of JWT access tokens, I
> learned that the draft regarding the metadata of the resource server had
> expired, which was disappointing. For an authorization server to encrypt an
> access token with an asymmetric algorithm, it must obtain a public key of
> the target resource server, but there was no standardized way. I'm glad to
> see the specification has been revived. If it had been revived a bit
> earlier, the addition that was made as "client" metadata in the "JWT
> Response for OAuth Token Introspection" specification would likely have
> been treated as metadata for the "resource server."
>
> Best Regards,
> Takahiko Kawasaki
>
>
> On Thu, Aug 24, 2023 at 4:02 AM Rifaat Shekh-Yusef <
> rifaat.s.i...@gmail.com> wrote:
>
>> All,
>>
>> This is an official call for adoption for the *Protected Resource
>> Metadata* draft:
>> https://datatracker.ietf.org/doc/draft-jones-oauth-resource-metadata/
>>
>> Please, reply on the mailing list and let us know if you are in favor of
>> adopting this draft as WG document, by *Sep 6th.*
>>
>> Regards,
>>  Rifaat & Hannes
>>
>> ___
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>>
>
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth