Script updating gh-pages from 2a9cf90. [ci skip]

draft-demarco-oauth-nonce-endpoint.html

@@ -10,12 +10,12 @@
 <meta content="
        This document defines a Nonce Endpoint and details how a Server generates and issues opaque Nonces and how a client can learn about this endpoint to obtain the Nonce. 
     " name="description">
-<meta content="xml2rfc 3.19.4" name="generator">
+<meta content="xml2rfc 3.21.0" name="generator">
 <meta content="OAuth 2.0" name="keyword">
 <meta content="draft-demarco-oauth-nonce-endpoint-latest" name="ietf.draft">
 <!-- Generator version information:
-  xml2rfc 3.19.4
-    Python 3.11.6
+  xml2rfc 3.21.0
+    Python 3.11.9
     ConfigArgParse 1.7
     google-i18n-address 3.1.0
     intervaltree 3.1.0
@@ -1026,11 +1026,11 @@
 <thead><tr>
 <td class="left">Internet-Draft</td>
 <td class="center">Nonce Endpoint</td>
-<td class="right">February 2024</td>
+<td class="right">April 2024</td>
 </tr></thead>
 <tfoot><tr>
 <td class="left">Marco &amp; Steele</td>
-<td class="center">Expires 31 August 2024</td>
+<td class="center">Expires 20 October 2024</td>
 <td class="right">[Page]</td>
 </tr></tfoot>
 </table>
@@ -1043,12 +1043,12 @@
 <dd class="internet-draft">draft-demarco-oauth-nonce-endpoint-latest</dd>
 <dt class="label-published">Published:</dt>
 <dd class="published">
-<time datetime="2024-02-28" class="published">28 February 2024</time>
+<time datetime="2024-04-18" class="published">18 April 2024</time>
     </dd>
 <dt class="label-intended-status">Intended Status:</dt>
 <dd class="intended-status">Informational</dd>
 <dt class="label-expires">Expires:</dt>
-<dd class="expires"><time datetime="2024-08-31">31 August 2024</time></dd>
+<dd class="expires"><time datetime="2024-10-20">20 October 2024</time></dd>
 <dt class="label-authors">Authors:</dt>
 <dd class="authors">
 <div class="author">
@@ -1097,7 +1097,7 @@ <h2 id="name-status-of-this-memo">
         time. It is inappropriate to use Internet-Drafts as reference
         material or to cite them other than as "work in progress."<a href="#section-boilerplate.1-3" class="pilcrow">¶</a></p>
 <p id="section-boilerplate.1-4">
-        This Internet-Draft will expire on 31 August 2024.<a href="#section-boilerplate.1-4" class="pilcrow">¶</a></p>
+        This Internet-Draft will expire on 20 October 2024.<a href="#section-boilerplate.1-4" class="pilcrow">¶</a></p>
 </section>
 </div>
 <div id="copyright">
@@ -1420,11 +1420,12 @@ <h2 id="name-nonce-endpoint-discovery">
       <h2 id="name-non-normative-examples-of-a">
 <a href="#section-9" class="section-number selfRef">9. </a><a href="#name-non-normative-examples-of-a" class="section-name selfRef">Non-normative Examples of a Nonce Payload</a>
       </h2>
-<p id="section-9-1">The decrypted Nonce payload may use different formats and encodings, according to the different implemententative requirements, and contains any kind of implementation-specific claims, such as the issuance time, the time of expiration, the audiences and other where needed.<a href="#section-9-1" class="pilcrow">¶</a></p>
-<p id="section-9-2">Below are provided some non-normative examples, describing how a decrypted and JSON serialized Nonce payload may appear:<a href="#section-9-2" class="pilcrow">¶</a></p>
+<p id="section-9-1">The decrypted Nonce payload <span class="bcp14">MAY</span> use different formats and encodings, according to the different implementation requirements and contain any kind of implementation-specific claims, such as the issuance time, the time of expiration, the audiences and others where needed.<a href="#section-9-1" class="pilcrow">¶</a></p>
+<p id="section-9-2">Below are provided some non-normative examples, describing how a decrypted and JSON serialized Nonce payload <span class="bcp14">MAY</span> appear:<a href="#section-9-2" class="pilcrow">¶</a></p>
 <div class="alignLeft art-text artwork" id="section-9-3">
 <pre>
 {
+  "jti": "0452767d-549d-4765-bd43-a0bcc2a6659a",
   "iss": "https://server.example.org",
   "iat": 1615908701,
   "exp": 1615995101,
@@ -1436,7 +1437,8 @@ <h2 id="name-non-normative-examples-of-a">
 }
 </pre><a href="#section-9-3" class="pilcrow">¶</a>
 </div>
-<p id="section-9-4">Please note that the values represented in the previous examples may depend on domain specific requirements and <span class="bcp14">MUST NOT</span> be intended as normative.<a href="#section-9-4" class="pilcrow">¶</a></p>
+<p id="section-9-4">Please note that the values represented in the previous examples are informative.<a href="#section-9-4" class="pilcrow">¶</a></p>
+<p id="section-9-5">In any case, the payload <span class="bcp14">MUST</span> include some unique value (<code>"jti"</code> on the example above), typically generated using a pseudo-random number generator with sufficient entropy <span>[<a href="#RFC4086" class="cite xref">RFC4086</a>]</span>, to ensure that the encrypted digest (the actual Nonce) is also unique.<a href="#section-9-5" class="pilcrow">¶</a></p>
 </section>
 </div>
 <div id="security-considerations">
@@ -1515,6 +1517,10 @@ <h3 id="name-normative-references">
         <dd>
 <span class="refAuthor">Bradner, S.</span>, <span class="refTitle">"Key words for use in RFCs to Indicate Requirement Levels"</span>, <span class="seriesInfo">BCP 14</span>, <span class="seriesInfo">RFC 2119</span>, <span class="seriesInfo">DOI 10.17487/RFC2119</span>, <time datetime="1997-03" class="refDate">March 1997</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc2119">https://www.rfc-editor.org/rfc/rfc2119</a>&gt;</span>. </dd>
 <dd class="break"></dd>
+<dt id="RFC4086">[RFC4086]</dt>
+        <dd>
+<span class="refAuthor">Eastlake 3rd, D.</span>, <span class="refAuthor">Schiller, J.</span>, and <span class="refAuthor">S. Crocker</span>, <span class="refTitle">"Randomness Requirements for Security"</span>, <span class="seriesInfo">BCP 106</span>, <span class="seriesInfo">RFC 4086</span>, <span class="seriesInfo">DOI 10.17487/RFC4086</span>, <time datetime="2005-06" class="refDate">June 2005</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc4086">https://www.rfc-editor.org/rfc/rfc4086</a>&gt;</span>. </dd>
+<dd class="break"></dd>
 <dt id="RFC5246">[RFC5246]</dt>
         <dd>
 <span class="refAuthor">Dierks, T.</span> and <span class="refAuthor">E. Rescorla</span>, <span class="refTitle">"The Transport Layer Security (TLS) Protocol Version 1.2"</span>, <span class="seriesInfo">RFC 5246</span>, <span class="seriesInfo">DOI 10.17487/RFC5246</span>, <time datetime="2008-08" class="refDate">August 2008</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc5246">https://www.rfc-editor.org/rfc/rfc5246</a>&gt;</span>. </dd>
@@ -1546,11 +1552,12 @@ <h3 id="name-informative-references">
 <dl class="references">
 <dt id="BCP195">[BCP195]</dt>
       <dd>
+<div class="refInstance">Best Current Practice 195, <span>&lt;<a href="https://www.rfc-editor.org/info/bcp195">https://www.rfc-editor.org/info/bcp195</a>&gt;</span>.<br><span>At the time of writing, this BCP comprises the following:</span>
+</div>
 <div class="refInstance" id="RFC8996">
-            <span class="refAuthor">Moriarty, K.</span> and <span class="refAuthor">S. Farrell</span>, <span class="refTitle">"Deprecating TLS 1.0 and TLS 1.1"</span>, <span class="seriesInfo">BCP 195</span>, <span class="seriesInfo">RFC 8996</span>, <time datetime="2021-03" class="refDate">March 2021</time>. </div>
+            <span class="refAuthor">Moriarty, K.</span> and <span class="refAuthor">S. Farrell</span>, <span class="refTitle">"Deprecating TLS 1.0 and TLS 1.1"</span>, <span class="seriesInfo">BCP 195</span>, <span class="seriesInfo">RFC 8996</span>, <span class="seriesInfo">DOI 10.17487/RFC8996</span>, <time datetime="2021-03" class="refDate">March 2021</time>, <span>&lt;<a href="https://www.rfc-editor.org/info/rfc8996">https://www.rfc-editor.org/info/rfc8996</a>&gt;</span>. </div>
 <div class="refInstance" id="RFC9325">
-            <span class="refAuthor">Sheffer, Y.</span>, <span class="refAuthor">Saint-Andre, P.</span>, and <span class="refAuthor">T. Fossati</span>, <span class="refTitle">"Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)"</span>, <span class="seriesInfo">BCP 195</span>, <span class="seriesInfo">RFC 9325</span>, <time datetime="2022-11" class="refDate">November 2022</time>. </div>
-<span>&lt;<a href="https://www.rfc-editor.org/info/bcp195">https://www.rfc-editor.org/info/bcp195</a>&gt;</span>
+            <span class="refAuthor">Sheffer, Y.</span>, <span class="refAuthor">Saint-Andre, P.</span>, and <span class="refAuthor">T. Fossati</span>, <span class="refTitle">"Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)"</span>, <span class="seriesInfo">BCP 195</span>, <span class="seriesInfo">RFC 9325</span>, <span class="seriesInfo">DOI 10.17487/RFC9325</span>, <time datetime="2022-11" class="refDate">November 2022</time>, <span>&lt;<a href="https://www.rfc-editor.org/info/rfc9325">https://www.rfc-editor.org/info/rfc9325</a>&gt;</span>. </div>
 </dd>
 <dd class="break"></dd>
 </dl>

draft-demarco-oauth-nonce-endpoint.txt

@@ -5,8 +5,8 @@
 Network Working Group                                        G. D. Marco
 Internet-Draft                                               Independent
 Intended status: Informational                                 O. Steele
-Expires: 31 August 2024                                        Transmute
-                                                        28 February 2024
+Expires: 20 October 2024                                       Transmute
+                                                           18 April 2024
 
 
                            The Nonce Endpoint
@@ -46,7 +46,7 @@ Status of This Memo
    time.  It is inappropriate to use Internet-Drafts as reference
    material or to cite them other than as "work in progress."
 
-   This Internet-Draft will expire on 31 August 2024.
+   This Internet-Draft will expire on 20 October 2024.
 
 Copyright Notice
 
@@ -281,16 +281,16 @@ Table of Contents
 
 9.  Non-normative Examples of a Nonce Payload
 
-   The decrypted Nonce payload may use different formats and encodings,
-   according to the different implemententative requirements, and
-   contains any kind of implementation-specific claims, such as the
-   issuance time, the time of expiration, the audiences and other where
-   needed.
+   The decrypted Nonce payload MAY use different formats and encodings,
+   according to the different implementation requirements and contain
+   any kind of implementation-specific claims, such as the issuance
+   time, the time of expiration, the audiences and others where needed.
 
    Below are provided some non-normative examples, describing how a
-   decrypted and JSON serialized Nonce payload may appear:
+   decrypted and JSON serialized Nonce payload MAY appear:
 
    {
+     "jti": "0452767d-549d-4765-bd43-a0bcc2a6659a",
      "iss": "https://server.example.org",
      "iat": 1615908701,
      "exp": 1615995101,
@@ -301,9 +301,13 @@ Table of Contents
      ]
    }
 
-   Please note that the values represented in the previous examples may
-   depend on domain specific requirements and MUST NOT be intended as
-   normative.
+   Please note that the values represented in the previous examples are
+   informative.
+
+   In any case, the payload MUST include some unique value ("jti" on the
+   example above), typically generated using a pseudo-random number
+   generator with sufficient entropy [RFC4086], to ensure that the
+   encrypted digest (the actual Nonce) is also unique.
 
 10.  Security Considerations
 
@@ -400,6 +404,11 @@ Table of Contents
               DOI 10.17487/RFC2119, March 1997,
               <https://www.rfc-editor.org/rfc/rfc2119>.
 
+   [RFC4086]  Eastlake 3rd, D., Schiller, J., and S. Crocker,
+              "Randomness Requirements for Security", BCP 106, RFC 4086,
+              DOI 10.17487/RFC4086, June 2005,
+              <https://www.rfc-editor.org/rfc/rfc4086>.
+
    [RFC5246]  Dierks, T. and E. Rescorla, "The Transport Layer Security
               (TLS) Protocol Version 1.2", RFC 5246,
               DOI 10.17487/RFC5246, August 2008,
@@ -423,15 +432,19 @@ Table of Contents
 
 13.2.  Informative References
 
-   [BCP195]   Moriarty, K. and S. Farrell, "Deprecating TLS 1.0 and TLS
-              1.1", BCP 195, RFC 8996, March 2021.
+   [BCP195]   Best Current Practice 195,
+              <https://www.rfc-editor.org/info/bcp195>.
+              At the time of writing, this BCP comprises the following:
+
+              Moriarty, K. and S. Farrell, "Deprecating TLS 1.0 and TLS
+              1.1", BCP 195, RFC 8996, DOI 10.17487/RFC8996, March 2021,
+              <https://www.rfc-editor.org/info/rfc8996>.
 
               Sheffer, Y., Saint-Andre, P., and T. Fossati,
               "Recommendations for Secure Use of Transport Layer
               Security (TLS) and Datagram Transport Layer Security
-              (DTLS)", BCP 195, RFC 9325, November 2022.
-
-              <https://www.rfc-editor.org/info/bcp195>
+              (DTLS)", BCP 195, RFC 9325, DOI 10.17487/RFC9325, November
+              2022, <https://www.rfc-editor.org/info/rfc9325>.
 
 Acknowledgments
 

index.html

@@ -24,54 +24,6 @@ <h1>Editor's drafts for main branch of <a href="https://github.com/peppelinux/dr
         <td></td>
       </tr>
     </table>
-    <h2>Preview for branch <a href="seq-diag">seq-diag</a></h2>
-    <table id="branch-seq-diag">
-      <tr>
-        <td><a href="seq-diag/draft-demarco-nonce-endpoint.html" class="html draft-demarco-nonce-endpoint" title=" (HTML)"></a></td>
-        <td><a href="seq-diag/draft-demarco-nonce-endpoint.txt" class="txt draft-demarco-nonce-endpoint" title=" (Text)">plain text</a></td>
-        <td><a href="https://author-tools.ietf.org/api/iddiff?url_1=https://peppelinux.github.io/draft-demarco-oauth-nonce-endpoint/draft-demarco-nonce-endpoint.txt&amp;url_2=https://peppelinux.github.io/draft-demarco-oauth-nonce-endpoint/seq-diag/draft-demarco-nonce-endpoint.txt" class="diff draft-demarco-nonce-endpoint">diff with main</a></td>
-      </tr>
-    </table>
-    <h2>Preview for branch <a href="ab">ab</a></h2>
-    <table id="branch-ab">
-      <tr>
-        <td><a href="ab/draft-demarco-oauth-nonce-endpoint.html" class="html draft-demarco-oauth-nonce-endpoint" title="The Nonce Endpoint (HTML)">Nonce Endpoint</a></td>
-        <td><a href="ab/draft-demarco-oauth-nonce-endpoint.txt" class="txt draft-demarco-oauth-nonce-endpoint" title="The Nonce Endpoint (Text)">plain text</a></td>
-        <td><a href="https://author-tools.ietf.org/api/iddiff?url_1=https://peppelinux.github.io/draft-demarco-oauth-nonce-endpoint/draft-demarco-oauth-nonce-endpoint.txt&amp;url_2=https://peppelinux.github.io/draft-demarco-oauth-nonce-endpoint/ab/draft-demarco-oauth-nonce-endpoint.txt" class="diff draft-demarco-oauth-nonce-endpoint">diff with main</a></td>
-      </tr>
-    </table>
-    <h2>Preview for branch <a href="metadata">metadata</a></h2>
-    <table id="branch-metadata">
-      <tr>
-        <td><a href="metadata/draft-demarco-nonce-endpoint.html" class="html draft-demarco-nonce-endpoint" title=" (HTML)"></a></td>
-        <td><a href="metadata/draft-demarco-nonce-endpoint.txt" class="txt draft-demarco-nonce-endpoint" title=" (Text)">plain text</a></td>
-        <td><a href="https://author-tools.ietf.org/api/iddiff?url_1=https://peppelinux.github.io/draft-demarco-oauth-nonce-endpoint/draft-demarco-nonce-endpoint.txt&amp;url_2=https://peppelinux.github.io/draft-demarco-oauth-nonce-endpoint/metadata/draft-demarco-nonce-endpoint.txt" class="diff draft-demarco-nonce-endpoint">diff with main</a></td>
-      </tr>
-    </table>
-    <h2>Preview for branch <a href="noauth">noauth</a></h2>
-    <table id="branch-noauth">
-      <tr>
-        <td><a href="noauth/draft-demarco-oauth-nonce-endpoint.html" class="html draft-demarco-oauth-nonce-endpoint" title="The Nonce Endpoint (HTML)">Nonce Endpoint</a></td>
-        <td><a href="noauth/draft-demarco-oauth-nonce-endpoint.txt" class="txt draft-demarco-oauth-nonce-endpoint" title="The Nonce Endpoint (Text)">plain text</a></td>
-        <td>same as main</td>
-      </tr>
-    </table>
-    <h2>Preview for branch <a href="notonlyas">notonlyas</a></h2>
-    <table id="branch-notonlyas">
-      <tr>
-        <td><a href="notonlyas/draft-demarco-nonce-endpoint.html" class="html draft-demarco-nonce-endpoint" title=" (HTML)"></a></td>
-        <td><a href="notonlyas/draft-demarco-nonce-endpoint.txt" class="txt draft-demarco-nonce-endpoint" title=" (Text)">plain text</a></td>
-        <td><a href="https://author-tools.ietf.org/api/iddiff?url_1=https://peppelinux.github.io/draft-demarco-oauth-nonce-endpoint/draft-demarco-nonce-endpoint.txt&amp;url_2=https://peppelinux.github.io/draft-demarco-oauth-nonce-endpoint/notonlyas/draft-demarco-nonce-endpoint.txt" class="diff draft-demarco-nonce-endpoint">diff with main</a></td>
-      </tr>
-    </table>
-    <h2>Preview for branch <a href="req1">req1</a></h2>
-    <table id="branch-req1">
-      <tr>
-        <td><a href="req1/draft-demarco-nonce-endpoint.html" class="html draft-demarco-nonce-endpoint" title=" (HTML)"></a></td>
-        <td><a href="req1/draft-demarco-nonce-endpoint.txt" class="txt draft-demarco-nonce-endpoint" title=" (Text)">plain text</a></td>
-        <td><a href="https://author-tools.ietf.org/api/iddiff?url_1=https://peppelinux.github.io/draft-demarco-oauth-nonce-endpoint/draft-demarco-nonce-endpoint.txt&amp;url_2=https://peppelinux.github.io/draft-demarco-oauth-nonce-endpoint/req1/draft-demarco-nonce-endpoint.txt" class="diff draft-demarco-nonce-endpoint">diff with main</a></td>
-      </tr>
-    </table>
     <script>
 window.onload = function() {
   var referrer_branch = 'main';