[OAUTH-WG] Re: [IANA #1416059] expert review for draft-ietf-oauth-selective-disclosure-jwt (media-type-structured-suffix)

[Brian Campbell]

Thanks David,

Just to try and connect the dots on the various pieces here - this is the
same Structured Syntax Suffixes request as the last item in [media-types]
draft-ietf-oauth-selective-disclosure-jwt media types and structured syntax
suffix and registration review request
.


On Wed, Apr 2, 2025 at 2:16 PM David Dong via RT <
drafts-expert-review-comm...@iana.org> wrote:

> Dear Alexey Melnikov, Darrel Miller (cc: oauth WG),
>
> As the designated experts for the Structured Syntax Suffixes registry, can
> you review the proposed registration in
> draft-ietf-oauth-selective-disclosure-jwt-17 for us? Please see:
>
> https://datatracker.ietf.org/doc/draft-ietf-oauth-selective-disclosure-jwt/
>
> The due date is April 16th.
>
> If this is OK, when the IESG approves the document for publication, we'll
> make the registration at:
>
> https://www.iana.org/assignments/media-type-structured-suffix/
>
> Unless you ask us to wait for the other reviewer, we’ll act on the first
> response we receive.
>
> With thanks,
>
> David Dong
> IANA Services Sr. Specialist
>
> ___
> OAuth mailing list -- oauth@ietf.org
> To unsubscribe send an email to oauth-le...@ietf.org
>

-- 
_CONFIDENTIALITY NOTICE: This email may contain confidential and privileged 
material for the sole use of the intended recipient(s). Any review, use, 
distribution or disclosure by others is strictly prohibited.  If you have 
received this communication in error, please notify the sender immediately 
by e-mail and delete the message and any file attachments from your 
computer. Thank you._
___
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org

[OAUTH-WG] Re: OAuth Digest, Vol 198, Issue 21

[Michael Schwartz]

I very much support moving the Token Status List draft forward.

Gluu (via Janssen Project) has already implemented the draft spec and we've
found it to be an invaluable new tool in our toolbox.

Mike

--
Michael Schwartz
Gluu
Founder/CEO
https://www.linkedin.com/in/nynymike


On Mon, Apr 7, 2025 at 11:11 PM  wrote:

> Send OAuth mailing list submissions to
> oauth@ietf.org
>
> To subscribe or unsubscribe via email, send a message with subject or
> body 'help' to
> oauth-requ...@ietf.org
>
> You can reach the person managing the list at
> oauth-ow...@ietf.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of OAuth digest..."
>
> Today's Topics:
>
>1. Re: Second WGLC for Token Status List (Brian Campbell)
>2. Re: Second WGLC for Token Status List (Steffen Schwalm)
>
>
> --
>
> Message: 1
> Date: Mon, 7 Apr 2025 13:49:27 -0600
> From: Brian Campbell 
> Subject: [OAUTH-WG] Re: Second WGLC for Token Status List
> To: Steffen Schwalm 
> Cc: "torsten=40lodderstedt@dmarc.ietf.org"
> , oauth 
> Message-ID:
>  5ozgqetcuvb1xjjlwjnmevpl1qyhjxwfpp7li...@mail.gmail.com>
> Content-Type: multipart/alternative;
> boundary="4922c80632358abc"
>
> On Thu, Apr 3, 2025 at 11:33 AM Steffen Schwalm  >
> wrote:
>
> > I strongly oppose against moving forward the specification as Issues
> still
> > open.
> >
> >
> >
> >1. There´s no documented decision on the well-known x509 issue –
> >beside the wishes of the authors
> >
> >
> Having seen and participated in discussion of the issue on the mailing
> list, at "unofficial" events with WG participants, and at official events
> with WG participants - the decision was very clearly based on the wishes of
> the rough consensus of the WG participants. Speaking as an individual, of
> course.
>
>
>
>
> >1.
> >2. Still wait for information from chairs where and how to solve issue
> >when not in TokenStatusList
> >3. Means TokenStatusList contains privacy issue in case used for
> >Attestatiosn of attributes in eIDAS
> >
> >
> >
> >
> >
> > *Von:* Kristina Yasuda 
> > *Gesendet:* Mittwoch, 2. April 2025 00:22
> > *An:* ANTHONY NADALIN 
> > *Cc:* torsten=40lodderstedt@dmarc.ietf.org; oauth 
> > *Betreff:* [OAUTH-WG] Re: Second WGLC for Token Status List
> >
> >
> >
> > *Caution:* This email originated from outside of the organization.
> > Despite an upstream security check of attachments and links by Microsoft
> > Defender for Office, a residual risk always remains. Only open
> attachments
> > and links from known and trusted senders.
> >
> > I support moving this specification forward. It is a crucial building
> > block for lifecycle management of different tokens/credentials.
> >
> >
> >
> > On Tue, Apr 1, 2025 at 9:42 PM ANTHONY NADALIN 
> > wrote:
> >
> > support this moving forward as we need this in ISO
> >
> >
> >
> > Get Outlook for Android 
> > --
> >
> > *From:* torsten=40lodderstedt@dmarc.ietf.org  > 40lodderstedt@dmarc.ietf.org>
> > *Sent:* Tuesday, April 1, 2025 11:38:22 AM
> > *To:* oauth ; Rifaat Shekh-Yusef <
> rifaat.s.i...@gmail.com>
> > *Subject:* [OAUTH-WG] Re: Second WGLC for Token Status List
> >
> >
> >
> > Hi,
> >
> > I support moving this spec forward.
> >
> >
> >
> > best regards,
> >
> > Torsten.
> >
> > Am 24. März 2025, 13:41 +0100 schrieb Rifaat Shekh-Yusef <
> > rifaat.s.i...@gmail.com>:
> >
> > All,
> >
> > This is a *second WG Last Call* for the *Token Status List* document:
> > https://datatracker.ietf.org/doc/draft-ietf-oauth-status-list/
> >
> > Please, review this document and reply on the mailing list if you have
> any
> > comments or concerns, by *April 7th*.
> >
> > Regards,
> >   Rifaat & Hannes
> >
> >
> >
> > ___
> > OAuth mailing list -- oauth@ietf.org
> > To unsubscribe send an email to oauth-le...@ietf.org
> >
> > ___
> > OAuth mailing list -- oauth@ietf.org
> > To unsubscribe send an email to oauth-le...@ietf.org
> >
> > ___
> > OAuth mailing list -- oauth@ietf.org
> > To unsubscribe send an email to oauth-le...@ietf.org
> >
>
> --
> _CONFIDENTIALITY NOTICE: This email may contain confidential and
> privileged
> material for the sole use of the intended recipient(s). Any review, use,
> distribution or disclosure by others is strictly prohibited.  If you have
> received this communication in error, please notify the sender immediately
> by e-mail and delete the message and any file attachments from your
> computer. Thank you._
> -- next part --
> A message part incompatible with plain text digests has been removed ...
> Name: not available
> Type: text/html
> Size: 9477 bytes
> Desc: not a

[OAUTH-WG] Re: [IANA #1416059] expert review for draft-ietf-oauth-selective-disclosure-jwt (media-type-structured-suffix)

[Deb Cooley]

Alper,

This is a different sort of review - expert reviewers on a particular IANA
registry.

There are many drafts in the oauth working group that would be happy for a
review.  Take a peek at the mailing list or at the data tracker, pick one
and review away.

Deb Cooley
Sec AD

On Tue, Apr 8, 2025 at 8:48 AM Alper Kamil Demir  wrote:

> Hi,
> AFAIK, I understand you are looking for reviewers. Am I right?
>
> If so, you may consider me as a reviewer.
> best wishes,
> a
>
> David Dong via RT , 2 Nis 2025
> Çar, 23:15 tarihinde şunu yazdı:
>
>> Dear Alexey Melnikov, Darrel Miller (cc: oauth WG),
>>
>> As the designated experts for the Structured Syntax Suffixes registry,
>> can you review the proposed registration in
>> draft-ietf-oauth-selective-disclosure-jwt-17 for us? Please see:
>>
>>
>> https://datatracker.ietf.org/doc/draft-ietf-oauth-selective-disclosure-jwt/
>>
>> The due date is April 16th.
>>
>> If this is OK, when the IESG approves the document for publication, we'll
>> make the registration at:
>>
>> https://www.iana.org/assignments/media-type-structured-suffix/
>>
>> Unless you ask us to wait for the other reviewer, we’ll act on the first
>> response we receive.
>>
>> With thanks,
>>
>> David Dong
>> IANA Services Sr. Specialist
>>
>> ___
>> OAuth mailing list -- oauth@ietf.org
>> To unsubscribe send an email to oauth-le...@ietf.org
>>
>
> *“Uyarı: Bu e-posta mesajı kişiye özel olup, gizli bilgiler içeriyor
> olabilir. Eğer bu e-posta mesajı size yanlışlıkla ulaşmışsa, içeriğini
> hiçbir şekilde kullanmayınız ve ekli dosyaları açmayınız. Bu durumda lütfen
> e-posta mesajını gönderen kullanıcıya haber veriniz ve tüm elektronik ve
> yazılı kopyalarını siliniz. Adana Alparslan Türkeş Bilim ve Teknoloji
> Üniversitesi, bu e-posta mesajının içeriği ile ilgili olarak hiçbir
> hukuksal sorumluluğu kabul etmez.”*
>
> *“Di**sclaimer: T**his e-mail message is personal and may contain
> confidential information. If this e-mail message reaches you by mistake, do
> not use its contents in any way and do not open the attached files. In this
> case, please notify the user who sent the e-mail message and delete all
> electronic and written copies. Adana Alparslan Türkeş Science and
> Technology University does not accept any legal responsibility for the
> content of this e-mail message."*
>
>
> ___
> OAuth mailing list -- oauth@ietf.org
> To unsubscribe send an email to oauth-le...@ietf.org
>
___
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org

[OAUTH-WG] Re: OAuth Digest, Vol 198, Issue 21

[Steffen Schwalm]

Let`s limit the application area of TokenStatusList to the US only 😉

Von: Michael Schwartz 
Gesendet: Dienstag, 8. April 2025 18:51
An: oauth@ietf.org
Betreff: [OAUTH-WG] Re: OAuth Digest, Vol 198, Issue 21


Caution: This email originated from outside of the organization. Despite an 
upstream security check of attachments and links by Microsoft Defender for 
Office, a residual risk always remains. Only open attachments and links from 
known and trusted senders.
I very much support moving the Token Status List draft forward.

Gluu (via Janssen Project) has already implemented the draft spec and we've 
found it to be an invaluable new tool in our toolbox.

Mike

--
Michael Schwartz
Gluu
Founder/CEO
https://www.linkedin.com/in/nynymike

On Mon, Apr 7, 2025 at 11:11 PM 
mailto:oauth-requ...@ietf.org>> wrote:
Send OAuth mailing list submissions to
oauth@ietf.org

To subscribe or unsubscribe via email, send a message with subject or
body 'help' to
oauth-requ...@ietf.org

You can reach the person managing the list at
oauth-ow...@ietf.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of OAuth digest..."

Today's Topics:

   1. Re: Second WGLC for Token Status List (Brian Campbell)
   2. Re: Second WGLC for Token Status List (Steffen Schwalm)


--

Message: 1
Date: Mon, 7 Apr 2025 13:49:27 -0600
From: Brian Campbell 
mailto:bcampb...@pingidentity.com>>
Subject: [OAUTH-WG] Re: Second WGLC for Token Status List
To: Steffen Schwalm 
mailto:Steffen.Schwalm@msg.group>>
Cc: 
"torsten=40lodderstedt@dmarc.ietf.org"

mailto:40lodderstedt@dmarc.ietf.org>>,
 oauth mailto:oauth@ietf.org>>
Message-ID:

mailto:5ozgqetcuvb1xjjlwjnmevpl1qyhjxwfpp7li...@mail.gmail.com>>
Content-Type: multipart/alternative;
boundary="4922c80632358abc"

On Thu, Apr 3, 2025 at 11:33 AM Steffen Schwalm 
mailto:Steffen.Schwalm@msg.group>>
wrote:

> I strongly oppose against moving forward the specification as Issues still
> open.
>
>
>
>1. There´s no documented decision on the well-known x509 issue –
>beside the wishes of the authors
>
>
Having seen and participated in discussion of the issue on the mailing
list, at "unofficial" events with WG participants, and at official events
with WG participants - the decision was very clearly based on the wishes of
the rough consensus of the WG participants. Speaking as an individual, of
course.




>1.
>2. Still wait for information from chairs where and how to solve issue
>when not in TokenStatusList
>3. Means TokenStatusList contains privacy issue in case used for
>Attestatiosn of attributes in eIDAS
>
>
>
>
>
> *Von:* Kristina Yasuda 
> mailto:yasudakrist...@gmail.com>>
> *Gesendet:* Mittwoch, 2. April 2025 00:22
> *An:* ANTHONY NADALIN mailto:nada...@prodigy.net>>
> *Cc:* 
> torsten=40lodderstedt@dmarc.ietf.org;
>  oauth mailto:oauth@ietf.org>>
> *Betreff:* [OAUTH-WG] Re: Second WGLC for Token Status List
>
>
>
> *Caution:* This email originated from outside of the organization.
> Despite an upstream security check of attachments and links by Microsoft
> Defender for Office, a residual risk always remains. Only open attachments
> and links from known and trusted senders.
>
> I support moving this specification forward. It is a crucial building
> block for lifecycle management of different tokens/credentials.
>
>
>
> On Tue, Apr 1, 2025 at 9:42 PM ANTHONY NADALIN 
> mailto:nada...@prodigy.net>>
> wrote:
>
> support this moving forward as we need this in ISO
>
>
>
> Get Outlook for Android 
> --
>
> *From:* 
> torsten=40lodderstedt@dmarc.ietf.org
>   40lodderstedt@dmarc.ietf.org>
> *Sent:* Tuesday, April 1, 2025 11:38:22 AM
> *To:* oauth mailto:oauth@ietf.org>>; Rifaat Shekh-Yusef 
> mailto:rifaat.s.i...@gmail.com>>
> *Subject:* [OAUTH-WG] Re: Second WGLC for Token Status List
>
>
>
> Hi,
>
> I support moving this spec forward.
>
>
>
> best regards,
>
> Torsten.
>
> Am 24. März 2025, 13:41 +0100 schrieb Rifaat Shekh-Yusef <
> rifaat.s.i...@gmail.com>:
>
> All,
>
> This is a *second WG Last Call* for the *Token Status List* document:
> https://datatracker.ietf.org/doc/draft-ietf-oauth-status-list/
>
> Please, review this document and reply on the mailing list if you have any
> comments or concerns, by *April 7th*.
>
> Regards,
>   Rifaat & Hannes
>
>
>
> ___
> OAuth mailing list -- oauth@ietf.org
> To unsubscribe send an email to 
> oauth-le...@ietf.org

[OAUTH-WG] Re: [IANA #1416059] expert review for draft-ietf-oauth-selective-disclosure-jwt (media-type-structured-suffix)

[Alper Kamil Demir]

Hi,
AFAIK, I understand you are looking for reviewers. Am I right?

If so, you may consider me as a reviewer.
best wishes,
a

David Dong via RT , 2 Nis 2025 Çar,
23:15 tarihinde şunu yazdı:

> Dear Alexey Melnikov, Darrel Miller (cc: oauth WG),
>
> As the designated experts for the Structured Syntax Suffixes registry, can
> you review the proposed registration in
> draft-ietf-oauth-selective-disclosure-jwt-17 for us? Please see:
>
> https://datatracker.ietf.org/doc/draft-ietf-oauth-selective-disclosure-jwt/
>
> The due date is April 16th.
>
> If this is OK, when the IESG approves the document for publication, we'll
> make the registration at:
>
> https://www.iana.org/assignments/media-type-structured-suffix/
>
> Unless you ask us to wait for the other reviewer, we’ll act on the first
> response we receive.
>
> With thanks,
>
> David Dong
> IANA Services Sr. Specialist
>
> ___
> OAuth mailing list -- oauth@ietf.org
> To unsubscribe send an email to oauth-le...@ietf.org
>

-- 
**“Uyarı: Bu e-posta mesajı kişiye özel olup, gizli
bilgiler içeriyor 
olabilir. Eğer bu e-posta mesajı size yanlışlıkla ulaşmışsa,
içeriğini 
hiçbir şekilde kullanmayınız ve ekli dosyaları açmayınız. Bu durumda
lütfen 
e-posta mesajını gönderen kullanıcıya haber veriniz ve tüm elektronik ve
yazılı kopyalarını siliniz. Adana Alparslan Türkeş Bilim ve Teknoloji
Üniversitesi, bu e-posta mesajının içeriği ile ilgili olarak hiçbir 
hukuksal
sorumluluğu kabul etmez.”**
**
**
**“Disclaimer: This 
e-mail message is personal and may contain confidential information. If 
this e-mail message reaches you by mistake, do not use its contents in any 
way and do not open the attached files. In this case, please notify the 
user who sent the e-mail message and delete all electronic and written 
copies. Adana Alparslan Türkeş Science and Technology University does not 
accept any legal responsibility for the content of this e-mail message."**
**
**

___
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org