Hi All, Thank you very much for the constructive feedback. We have tried to address the WGLC comments received to date with the latest draft published at https://datatracker.ietf.org/doc/html/draft-ietf-oauth-jwk-thumbprint-uri-01.
Following are updates made to the document: - Added security considerations about multiple public keys coresponding to the same private key. - Added hash algorithm identifier after the JWK thumbprint URI prefix to make it explicit in a URI which hash algorithm is used. - Added reference to a registry for hash algorithm identifiers. - Added SHA-256 as a mandatory to implement hash algorithm to promote interoperability. Kindest Regards, Kristina From: OAuth <oauth-boun...@ietf.org> On Behalf Of Rifaat Shekh-Yusef Sent: Wednesday, February 2, 2022 4:19 AM To: oauth <oauth@ietf.org> Subject: [OAUTH-WG] WGLC for JWK Thumbprint URI document All, The JWK Thumbprint URI document is a simple and straightforward specification. This is a WG Last Call for this document: https://www.ietf.org/archive/id/draft-ietf-oauth-jwk-thumbprint-uri-00.html<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Farchive%2Fid%2Fdraft-ietf-oauth-jwk-thumbprint-uri-00.html&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C798aea1808b74133e90308d9e64643b4%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637794012195931100%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=UDG%2F77OaaA%2BaTPiBiDzKYbyXUvJ2YY5m%2F7wO7OhW%2FNI%3D&reserved=0> Please, provide your feedback on the mailing list by Feb 16th. Regards, Rifaat & Hannes
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
