Skip to content

Commit 8df8be5

Browse files
paulbastianpaulbastian
committed
improve caching guidelines and move them to implementaiton considerations
1 parent 0d7d83a commit 8df8be5

File tree

1 file changed

+40
-28
lines changed

1 file changed

+40
-28
lines changed

draft-ietf-oauth-status-list.md

+40-28
Original file line numberDiff line numberDiff line change
@@ -971,34 +971,6 @@ If the Issuer of the Referenced Token is a different entity than the Status Issu
971971
└─────────────────┘
972972
~~~
973973

974-
## Status List Caching
975-
976-
When fetching a Status List Token, Relying Parties must carefully evaluate how long a Status List is cached for. Collectively the `iat`, `exp` and `ttl` claims when present in a Status List Token communicate how long a Status List should be cached and should be considered valid for. The following diagram illustrates the relationship between these claims and how they are designed to influence caching.
977-
978-
~~~ ascii-art
979-
Time of fetching
980-
981-
982-
│ Check for Check for Check for
983-
│ updates updates updates
984-
985-
iat │ │ │ │ exp
986-
│ │ │ │
987-
│ │ │ │ │ │
988-
│ │ │ │ │ │
989-
│ │ │ │ │ │
990-
│ │ │ │ │ │
991-
│ │ ttl │ ttl │ ttl │ │
992-
│ │ ─────────────► │ ─────────────► │ ─────────────► │ ──► │
993-
│ │ │ │ │ │
994-
│ │ │ │ │ │
995-
│ │
996-
──┼───────────────────────────────────────────────────────────────┼─►
997-
│ │
998-
~~~
999-
1000-
It is essential to understand the distinct purposes of the `ttl` and `exp` claims. The `ttl` claim represents a duration to be interpreted relative to the time the Status List is fetched, indicating when a new version of the Status List may be available. In contrast, the `exp` claim specifies an absolute timestamp, marking the point in time when the Status List expires and MUST NOT be relied upon any longer. Together, these claims provide guidance on when to check for updates (`ttl` claim) and when the Status List must be refreshed or replaced (`exp` claim).
1001-
1002974
# Privacy Considerations
1003975

1004976
## Observability of Issuers {#privacy-issuer}
@@ -1118,6 +1090,45 @@ If the roles of the Issuer of the Referenced Token and the Status Issuer are per
11181090

11191091
If the roles of the Status Issuer and the Status Provider are performed by different entities, this may allow for greater scalability, as the Status List Tokens may be served by operators with greater resources, like CDNs. At the same time the authenticity and integrity of Token Status List is still guaranteed, as it is signed by the Status Issuer.
11201092

1093+
## Status List Update Interval and Caching
1094+
1095+
Status Issuers have two options to communicate their update interval policy for the status of their Referenced Tokens:
1096+
1097+
- the `exp` claim specifies an absolute timestamp, marking the point in time when the Status List expires and MUST NOT be relied upon any longer
1098+
- the `ttl` claim represents a duration to be interpreted relative to the time the Status List is fetched, indicating when a new version of the Status List may be available
1099+
1100+
Both `ttl` and `exp` are RECOMMENDED to be used by the Status Issuer.
1101+
1102+
When fetching a Status List Token, Relying Parties must carefully evaluate how long a Status List is cached for. Collectively the `iat`, `exp` and `ttl` claims when present in a Status List Token communicate how long a Status List should be cached and should be considered valid for. Relying Parties have different options for caching the Status List:
1103+
1104+
- After time of fetching, the Relying Party caches the Status List for time duration of `ttl` before making checks for updates. This method is RECOMMENDED to distribute the load for the Status Provider.
1105+
- After initial fetching, the Relying Party checks for updates at time of `iat` + `ttl`. This method ensures the most up-to-date information for critical use cases. The Relying Party should account a minimal offset due to the signing and distribution process of the Status Issuer.
1106+
- If no `ttl` is given, then Relying Party SHOULD check for updates latest after time of `exp`.
1107+
1108+
Ultimately, its the Relying Parties decision how often to check for updates, ecosystems may define there own guidelines and policies for updating the Status List information.
1109+
1110+
The following diagram illustrates the relationship between these claims and how they are designed to influence caching:
1111+
1112+
~~~ ascii-art
1113+
1114+
Time of Check for Check for Check for
1115+
Fetching updates updates updates
1116+
1117+
iat │ │ │ │ exp
1118+
│ │ │ │
1119+
│ │ │ │ │ │
1120+
│ │ │ │ │ │
1121+
│ │ │ │ │ │
1122+
│ │ │ │ │ │
1123+
│ │ ttl │ ttl │ ttl │ │
1124+
│ │ ─────────────► │ ─────────────► │ ─────────────► │ ──► │
1125+
│ │ │ │ │ │
1126+
│ │ │ │ │ │
1127+
│ │
1128+
──┼───────────────────────────────────────────────────────────────┼─►
1129+
│ │
1130+
~~~
1131+
11211132
## Relying Parties avoiding correlatable Information
11221133

11231134
If the Relying Party does not require the Referenced Token and the Status List Token after the presentation, e.g. for subsequent status checks or audit trail, it is RECOMMENDED to delete correlatable information, in particular:
@@ -1866,6 +1877,7 @@ CBOR encoding:
18661877

18671878
-10
18681879

1880+
* improve caching guidelines and move them to implementaiton considerations
18691881
* Add size comparison for status list and compressed uuids
18701882
* Change Controller IESG for OAuths Parameters Registration
18711883

0 commit comments

Comments
 (0)