Re: [OAUTH-WG] Stephen Farrell's No Objection on draft-ietf-oauth-assertions-18: (with COMMENT)

On the topic of relay protection we added "jti" (JWT ID) Claim to the JWT spec so that we would have a claim to use for replay detection on assertions. In the Connect profile of the JWT assertions spec for client authentication we did make it required for the sender to include it, but gave some

[OAUTH-WG] Stephen Farrell's No Objection on draft-ietf-oauth-assertions-18: (with COMMENT)

Stephen Farrell has entered the following ballot position for draft-ietf-oauth-assertions-18: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer

[OAUTH-WG] New Assertion Drafts Published

New versions of all three OAuth assertion documents (listed below) have been published with changes incorporating feedback received during IESG Evaluation. Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants https://datatracker.ietf.org/doc/draft-ietf-oauth-assertions/

[OAUTH-WG] New Version Notification - draft-ietf-oauth-jwt-bearer-11.txt

A new version (-11) has been submitted for draft-ietf-oauth-jwt-bearer: http://www.ietf.org/internet-drafts/draft-ietf-oauth-jwt-bearer-11.txt Sub state has been changed to AD Followup from Revised ID Needed The IETF datatracker page for this Internet-Draft is: https://datatracker.ietf.org/doc/

[OAUTH-WG] I-D Action: draft-ietf-oauth-jwt-bearer-11.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol Working Group of the IETF. Title : JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants Aut

[OAUTH-WG] New Version Notification - draft-ietf-oauth-saml2-bearer-22.txt

A new version (-22) has been submitted for draft-ietf-oauth-saml2-bearer: http://www.ietf.org/internet-drafts/draft-ietf-oauth-saml2-bearer-22.txt Sub state has been changed to AD Followup from Revised ID Needed The IETF datatracker page for this Internet-Draft is: https://datatracker.ietf.org/

[OAUTH-WG] I-D Action: draft-ietf-oauth-saml2-bearer-22.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol Working Group of the IETF. Title : SAML 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants Authors

[OAUTH-WG] New Version Notification - draft-ietf-oauth-assertions-18.txt

A new version (-18) has been submitted for draft-ietf-oauth-assertions: http://www.ietf.org/internet-drafts/draft-ietf-oauth-assertions-18.txt Sub state has been changed to AD Followup from Revised ID Needed The IETF datatracker page for this Internet-Draft is: https://datatracker.ietf.org/doc/

[OAUTH-WG] I-D Action: draft-ietf-oauth-assertions-18.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol Working Group of the IETF. Title : Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants Authors

Re: [OAUTH-WG] Stephen Farrell's Discuss on draft-ietf-oauth-json-web-token-27: (with DISCUSS and COMMENT)

On Tue, Oct 21, 2014 at 9:16 AM, Stephen Farrell wrote: > > Hi Mike, > > I've one remaining discuss point and a comment. See below... > > On 14/10/14 13:50, Mike Jones wrote: > > The proposed resolutions below have been included in the -28 draft. > Hopefully you'll be able to clear your DISCUSSes

Re: [OAUTH-WG] Stephen Farrell's Discuss on draft-ietf-oauth-json-web-token-27: (with DISCUSS and COMMENT)

Hi Mike, I've one remaining discuss point and a comment. See below... On 14/10/14 13:50, Mike Jones wrote: > The proposed resolutions below have been included in the -28 draft. > Hopefully you'll be able to clear your DISCUSSes on that basis. > > The String Comparison Rules in Section 7.3 hav