[Openid-specs-ab] Draft note to IETF

Brian Campbell bcampbell at pingidentity.com
Thu Jun 13 16:12:43 UTC 2013


"were have gone" -> "were to have gone" ... ?


On Thu, Jun 13, 2013 at 9:30 AM, Mike Jones <Michael.Jones at microsoft.com>wrote:

>  Tim – a slightly revised note follows.  The working group agreed for you
> to circulate it privately to insiders for feedback.  We also need to run
> this by the board before formally sending it, since it’s speaking on behalf
> of the foundation.  If you can let us know what kinds of informal feedback
> you receive, that would be great.****
>
> ** **
>
>                                                             -- Mike****
>
> ** **
>
> To: jose-chairs at tools.ietf.org; oauth-chairs at tools.ietf.org****
>
> Cc: iesg at ietf.org; draft-ietf-oauth-json-web-token at tools.ietf.org;
> draft-ietf-jose-json-web-encryption at tools.ietf.org****
>
> Subject: Liaison statement from OpenID Foundation to IETF on JWT and JOSE*
> ***
>
> ** **
>
> I’m writing on behalf of the OpenID Connect Working Group, in the OpenID
> Foundation.  We have been working for three years on specifying this
> identity-federation protocol. Our specifications have reached stability
> (what we call “Implementer’s Drafts”) and we anticipate a final vote and
> approval in the coming months.  We’re confident approval will be
> forthcoming since OpenID Connect is already in production at Google, a
> product has been announced by Ping Identity, a JWT product has shipped from
> Microsoft, and we expect numerous OpenID Connect and JWT deployments in the
> coming months.****
>
> ** **
>
> Our work is dependent on the JSON Web Token (JWT) and the JSON Object
> Signing and Encryption (JOSE) specifications, products of the IETF OAuth
> and JOSE working groups.  JWTs have been stable for some time, and code to
> parse and validate them is widely available in libraries for popular
> programming languages.  However, progress towards an RFC in JOSE seems
> slow, which is holding up the JWT RFC in OAuth, and we do not have a clear
> feeling when this work is likely to complete.  As chartered, the JOSE
> documents were have gone to working group last call a year ago and this
> still has not happened.****
>
> ** **
>
> Unfortunately, it’s not practical for our membership to wait indefinitely,
> and thus our most likely course of action will be to take dependencies
> on draft-ietf-oauth-json-web-token-08 and the -11 versions of the JOSE
> specifications or subsequent versions that are compatible with them when
> the time comes to publish our final specifications.  It would obviously be
> preferable for the JWT and JOSE RFCs to be completed in a timely fashion
> instead.****
>
> ** **
>
> We bring this to your attention simply because if some other organization
> were planning to lock in a dependency on one of our earlier drafts, we’d
> like to hear about it.****
>
> ** **
>
> -- Tim Bray for the OpenID Connect Working Group and the OpenID Foundation
> ****
>
> ** **
>
> *From:* openid-specs-ab-bounces at lists.openid.net [mailto:
> openid-specs-ab-bounces at lists.openid.net] *On Behalf Of *Brian Campbell
> *Sent:* Thursday, June 13, 2013 6:30 AM
> *To:* Tim Bray
> *Cc:* <openid-specs-ab at lists.openid.net>
> *Subject:* Re: [Openid-specs-ab] Draft note to IETF****
>
> ** **
>
> While somewhat esoteric, it's probably important in this context to be
> accurate about the various documents and the WGs that are responsible for
> them.****
>
> Though JWT does depend heavily on JOSE work, it itself isn't a JOSE WG
> item.  Rather it is a product of the OAUTH WG and, as such, asking the
> JOSE WG to do anything with JWT doesn't make a lot of sense.****
>
> The broader issue remains though and I support the Connect  group
> providing some encouragement to the IETF towards progressing the
> dependencies. But we probably need to acknowledge that even within the IETF
> the document and WG relationships are somewhat complicated by dependencies.
> ****
>
> ** **
>
> ** **
>
> On Wed, Jun 12, 2013 at 3:00 PM, Tim Bray <tbray at textuality.com> wrote:***
> *
>
> This should go to the JOSE WG chair, the ADs for that area, and the IESG**
> **
>
> ** **
>
> I’m writing on behalf of the OpenID Connect Working Group, in the OpenID
> Foundation.  We have been working for <insert-time-period> on specifying
> this identity-federation protocol. Our specifications have reached
> stability (what we call “implementor’s draft”) and we anticipate a final
> vote and approval in the coming months.  We’re confident approval will be
> forthcoming since OIDC is already in production at Google,
> <insert-other-deployments> and we expect deployments at
> <insert-other-predictions>.****
>
> ** **
>
> Our work is dependent on JWT, a product of the IETF “jose” working group.
>  JWTs have been stable for some time, and code to parse and validate them
> is widely available in libraries for popular programming languages.
>  However, progress towards an RFC in jose seems slow, and we do not have a
> feeling when this work is likely to stabilize.****
>
> ** **
>
> Unfortunately, it’s not practical for our membership to wait, and thus our
> most likely course of action will be to take a dependency
> on draft-ietf-oauth-json-web-token-08 when the time comes to publish our
> specification.  ****
>
> ** **
>
> We bring this to your attention simply because if some other organization
> were planning to lock in a dependency on one of our earlier drafts, we’d
> like to hear about it.  ****
>
> ** **
>
> [I’m going to unofficially run this by some of my IETF-insider contacts,
> but thought I should sanity-check the content here first]****
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab****
>
> ** **
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20130613/5187b06b/attachment.html>


More information about the Openid-specs-ab mailing list