JSON Web Token Best Current Practices
draft-ietf-oauth-jwt-bcp-06

Revision differences

Document history

Date Rev. By Action
2019-07-22
06 Roman Danyliw
This document contains a normative reference to RFC8017, which is an informational document.  However, the last call text did not make note of this reference ...
2019-06-27
06 Adam Roach [Ballot Position Update] Position for Adam Roach has been changed to No Objection from Discuss
2019-06-27
06 Cindy Morgan IESG state changed to IESG Evaluation::Revised I-D Needed from IESG Evaluation
2019-06-27
06 Éric Vyncke
[Ballot comment]
Thank you all for the work put into this document. I have only one NIT

== NITS ==

-- Section 1.1 --

s/The ...
2019-06-27
06 Éric Vyncke [Ballot Position Update] New position, No Objection, has been recorded for Éric Vyncke
2019-06-27
06 Warren Kumari [Ballot Position Update] New position, No Objection, has been recorded for Warren Kumari
2019-06-26
06 Magnus Westerlund [Ballot Position Update] New position, No Objection, has been recorded for Magnus Westerlund
2019-06-26
06 Martin Vigoureux [Ballot comment]
Hello, thank you for this document.

I wonder whether [nist-sp-800-56a-r3] should be a normative reference.

Thanks
-m
2019-06-26
06 Martin Vigoureux [Ballot Position Update] New position, No Objection, has been recorded for Martin Vigoureux
2019-06-25
06 Mirja Kühlewind
[Ballot comment]
I'm by far no expert here but I don't really understand all attacks described. Maybe it's just me, however, especially 2.7 and 2.8 ...
2019-06-25
06 Mirja Kühlewind [Ballot Position Update] New position, No Objection, has been recorded for Mirja Kühlewind
2019-06-25
06 Deborah Brungard [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard
2019-06-25
06 Alvaro Retana [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana
2019-06-24
06 Adam Roach
[Ballot discuss]
Thanks for everyone who worked to get this document out the door. I found it to
be well-organized and easy to read.

--------------------------------------------------------------------------- ...
2019-06-24
06 Adam Roach
[Ballot comment]
§3.2:

>  That said, if a JWT is cryptographically protected by a transport
>  layer, such as TLS using cryptographically current algorithms, there ...
2019-06-24
06 Adam Roach [Ballot Position Update] New position, Discuss, has been recorded for Adam Roach
2019-06-24
06 Benjamin Kaduk
[Ballot discuss]
Thank you for assembling this document; it will be very valuable to the
community.  I intend to ballot Yes once the following items ...
2019-06-24
06 Benjamin Kaduk
[Ballot comment]
I also have some non-Discuss-level substantive comments in the section-by-section notes,
in addition to the usual editorial nits.

Section 1

  and/or encrypted.  ...
2019-06-24
06 Benjamin Kaduk [Ballot Position Update] New position, Discuss, has been recorded for Benjamin Kaduk
2019-06-24
06 Alissa Cooper
[Ballot comment]
= Section 1 =

Many of the recommendations in this document
  will actually be about implementation and use of the cryptographic
  ...
2019-06-24
06 Alissa Cooper [Ballot Position Update] New position, Yes, has been recorded for Alissa Cooper
2019-06-24
06 Suresh Krishnan [Ballot Position Update] New position, No Objection, has been recorded for Suresh Krishnan
2019-06-24
06 Barry Leiba
[Ballot comment]
Nice work on this; thanks.

-- Section 1 --

  Readers are advised to seek out any errata or updates that apply to ...
2019-06-24
06 Barry Leiba [Ballot Position Update] New position, Yes, has been recorded for Barry Leiba
2019-06-13
06 Brian Carpenter Request for Telechat review by GENART Completed: Ready. Reviewer: Brian Carpenter. Sent review to list.
2019-06-13
06 Jean Mahoney Request for Telechat review by GENART is assigned to Brian Carpenter
2019-06-13
06 Jean Mahoney Request for Telechat review by GENART is assigned to Brian Carpenter
2019-06-13
06 Roman Danyliw IESG state changed to IESG Evaluation from Waiting for Writeup
2019-06-07
06 (System) IANA Review state changed to IANA OK - No Actions Needed from Version Changed - Review Needed
2019-06-07
06 Cindy Morgan Placed on agenda for telechat - 2019-06-27
2019-06-07
06 Roman Danyliw Ballot has been issued
2019-06-07
06 Roman Danyliw [Ballot Position Update] New position, Yes, has been recorded for Roman Danyliw
2019-06-07
06 Roman Danyliw Created "Approve" ballot
2019-06-07
06 Roman Danyliw Ballot writeup was changed
2019-06-07
06 Roman Danyliw Ballot approval text was generated
2019-06-07
06 Yaron Sheffer New version available: draft-ietf-oauth-jwt-bcp-06.txt
2019-06-07
06 (System) New version approved
2019-06-07
06 (System) Request for posting confirmation emailed to previous authors: Dick Hardt <dick.hardt@gmail.com>, Yaron Sheffer <yaronf.ietf@gmail.com>, Michael Jones <mbj@microsoft.com>
2019-06-07
06 Yaron Sheffer Uploaded new revision
2019-06-03
05 Roman Danyliw Second AD Review: https://mailarchive.ietf.org/arch/msg/oauth/yI4GA6ZoKfOop8uwz_ERHYuNQzk
2019-04-16
05 (System) IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed
2019-04-16
05 Yaron Sheffer New version available: draft-ietf-oauth-jwt-bcp-05.txt
2019-04-16
05 (System) New version approved
2019-04-16
05 (System) Request for posting confirmation emailed to previous authors: Yaron Sheffer <yaronf.ietf@gmail.com>, Dick Hardt <dick@amazon.com>, oauth-chairs@ietf.org, Michael Jones <mbj@microsoft.com>
2019-04-16
05 Yaron Sheffer Uploaded new revision
2019-04-08
04 (System) IESG state changed to Waiting for Writeup from In Last Call
2019-04-04
04 Tero Kivinen Request for Last Call review by SECDIR Completed: Ready. Reviewer: Radia Perlman.
2019-04-03
04 (System) IANA Review state changed to IANA OK - No Actions Needed from IANA - Review Needed
2019-04-03
04 Sabrina Tanamal
(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Functions Operator has reviewed draft-ietf-oauth-jwt-bcp-04, which is currently in Last Call, and has the following comments:

We understand that ...
2019-04-03
04 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Ron Bonica
2019-04-03
04 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Ron Bonica
2019-03-30
04 Brian Carpenter Request for Last Call review by GENART Completed: Ready with Issues. Reviewer: Brian Carpenter. Sent review to list.
2019-03-28
04 Jean Mahoney Request for Last Call review by GENART is assigned to Brian Carpenter
2019-03-28
04 Jean Mahoney Request for Last Call review by GENART is assigned to Brian Carpenter
2019-03-28
04 Tero Kivinen Request for Last Call review by SECDIR is assigned to Radia Perlman
2019-03-28
04 Tero Kivinen Request for Last Call review by SECDIR is assigned to Radia Perlman
2019-03-27
04 Cindy Morgan Shepherding AD changed to Roman Danyliw
2019-03-25
04 Cindy Morgan IANA Review state changed to IANA - Review Needed
2019-03-25
04 Cindy Morgan
The following Last Call announcement was sent out (ends 2019-04-08):

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
CC: draft-ietf-oauth-jwt-bcp@ietf.org, ekr@rtfm.com, Hannes Tschofenig <hannes.tschofenig@arm.com>, oauth@ietf.org, hannes.tschofenig@arm.com, ...
2019-03-25
04 Cindy Morgan IESG state changed to In Last Call from Last Call Requested
2019-03-25
04 Eric Rescorla Last call was requested
2019-03-25
04 Eric Rescorla Last call announcement was generated
2019-03-25
04 Eric Rescorla Ballot approval text was generated
2019-03-25
04 Eric Rescorla Ballot writeup was generated
2019-03-25
04 Eric Rescorla IESG state changed to Last Call Requested from AD Evaluation::Revised I-D Needed
2018-12-21
04 Eric Rescorla IESG state changed to AD Evaluation::Revised I-D Needed from AD Evaluation::AD Followup
2018-12-21
04 Eric Rescorla Waiting for some more small changes.
2018-11-08
04 (System) Sub state has been changed to AD Followup from Revised ID Needed
2018-11-08
04 Yaron Sheffer New version available: draft-ietf-oauth-jwt-bcp-04.txt
2018-11-08
04 (System) New version approved
2018-11-08
04 (System) Request for posting confirmation emailed to previous authors: Yaron Sheffer <yaronf.ietf@gmail.com>, Dick Hardt <dick@amazon.com>, Michael Jones <mbj@microsoft.com>
2018-11-08
04 Yaron Sheffer Uploaded new revision
2018-11-04
03 Eric Rescorla IESG state changed to AD Evaluation::Revised I-D Needed from Publication Requested
2018-10-18
03 Rifaat Shekh-Yusef
(1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? ...
2018-10-18
03 Rifaat Shekh-Yusef Responsible AD changed to Eric Rescorla
2018-10-18
03 Rifaat Shekh-Yusef IETF WG state changed to Submitted to IESG for Publication from WG Document
2018-10-18
03 Rifaat Shekh-Yusef IESG state changed to Publication Requested
2018-10-18
03 Rifaat Shekh-Yusef IESG process started in state Publication Requested
2018-07-17
03 Hannes Tschofenig Changed consensus to Yes from Unknown
2018-07-17
03 Hannes Tschofenig Intended Status changed to Best Current Practice from None
2018-07-17
03 Hannes Tschofenig Notification list changed to Hannes Tschofenig <hannes.tschofenig@arm.com>
2018-07-17
03 Hannes Tschofenig Document shepherd changed to Hannes Tschofenig
2018-07-17
03 Hannes Tschofenig Changed document writeup
2018-05-07
03 Yaron Sheffer New version available: draft-ietf-oauth-jwt-bcp-03.txt
2018-05-07
03 (System) New version approved
2018-05-07
03 (System) Request for posting confirmation emailed to previous authors: Yaron Sheffer <yaronf.ietf@gmail.com>, Dick Hardt <dick@amazon.com>, Michael Jones <mbj@microsoft.com>
2018-05-07
03 Yaron Sheffer Uploaded new revision
2018-05-02
02 Yaron Sheffer New version available: draft-ietf-oauth-jwt-bcp-02.txt
2018-05-02
02 (System) New version approved
2018-05-02
02 (System) Request for posting confirmation emailed to previous authors: Yaron Sheffer <yaronf.ietf@gmail.com>, Dick Hardt <dick@amazon.com>, Michael Jones <mbj@microsoft.com>
2018-05-02
02 Yaron Sheffer Uploaded new revision
2018-03-22
01 Yaron Sheffer New version available: draft-ietf-oauth-jwt-bcp-01.txt
2018-03-22
01 (System) New version approved
2018-03-22
01 (System) Request for posting confirmation emailed to previous authors: Yaron Sheffer <yaronf.ietf@gmail.com>, Dick Hardt <dick@amazon.com>, Michael Jones <mbj@microsoft.com>
2018-03-22
01 Yaron Sheffer Uploaded new revision
2018-03-22
01 (System) Request for posting confirmation emailed to previous authors: Yaron Sheffer <yaronf.ietf@gmail.com>, Dick Hardt <dick@amazon.com>, Michael Jones <mbj@microsoft.com>
2018-03-22
01 Yaron Sheffer Uploaded new revision
2017-07-27
00 Rifaat Shekh-Yusef This document now replaces draft-sheffer-oauth-jwt-bcp instead of None
2017-07-27
00 Yaron Sheffer New version available: draft-ietf-oauth-jwt-bcp-00.txt
2017-07-27
00 (System) WG -00 approved
2017-07-19
00 Yaron Sheffer Set submitter to "Yaron Sheffer <yaronf.ietf@gmail.com>", replaces to draft-sheffer-oauth-jwt-bcp and sent approval email to group chairs: oauth-chairs@ietf.org
2017-07-19
00 Yaron Sheffer Uploaded new revision