Re: [OAUTH-WG] JWK Thumbprint URI Specification

I would investigate whether there are advantages of having this be a URN vs a URI in a new base scheme (e.g. jkt:bTz_1…). I haven’t seen much URN namespacing of dynamic values (e.g. values not being maintained by the entity responsible for the namespace or sub-spaces), and a new scheme is a

[OAUTH-WG] [IANA #1216704] Expert Review for draft-ietf-oauth-iss-auth-resp (oauth-parameters) (2)

Attn: Hannes (OAuth Parameters registry expert) I'm resending a review request for a document that's listed on the next IESG telechat. Can you get to this before 12/2? thanks, Amanda Baber IANA Operations Manager On Tue Nov 16 21:17:59 2021, michelle.cotton wrote: > Mailing List/Expert Review

[OAUTH-WG] [IANA #1216703] Expert Review for draft-ietf-oauth-iss-auth-resp (oauth-parameters)

Attn: Michael, Nat, John and Dick (OAuth Authorization Server Metadata registry experts) I'm resending a review request for a document that's listed on the next IESG telechat. Can you get to this before 12/2? Please let us know if approval from all four experts is required. thanks, Amanda

Re: [OAUTH-WG] JWK Thumbprint URI Specification

The JWK Thumbprint is typically used as a key identifier. Yes, the key needs to be known by other means if you’re going to use it. Some protocols work that way, which is what this spec is intended to enable. For instance, the Self-Issued OpenID Provider (SIOP) v1 and v2 protocols send the

Re: [OAUTH-WG] JWK Thumbprint URI Specification

On 24/11/2021 20:07, Mike Jones wrote: The JSON Web Key (JWK) Thumbprint specification [RFC 7638] defines a method for computing a hash value over a JSON Web Key (JWK) [RFC 7517] and

[OAUTH-WG] JWK Thumbprint URI Specification

The JSON Web Key (JWK) Thumbprint specification [RFC 7638] defines a method for computing a hash value over a JSON Web Key (JWK) [RFC 7517] and encoding that hash in a URL-safe manner. Kristina