Agreed. Phil
On 2011-09-16, at 12:08, Torsten Lodderstedt <tors...@lodderstedt.net> wrote: > I reviewed the diffs and it looks ok. > > regards, > Torsten. > > Am 07.09.2011 17:59, schrieb Barry Leiba: >> As you've all probably seen, Eran has posted version 21 of the OAuth >> base spec, in which he believes he's addressed all comments and issues >> that came up in the review of version 20. We should be ready to send >> this to the IESG. >> >> Everyone who had comments or issues, please review -21 and make sure >> that your concerns have been handled to your satisfaction (or that >> there was no consensus to make a change). And we encourage everyone >> to review the changes from -20 to -21, to make sure Eran didn't >> inadvertently break anything along the way. >> >> The -21 is here: http://tools.ietf.org/html/draft-ietf-oauth-v2-21 >> And diffs from -20 can be found here: >> http://tools.ietf.org/rfcdiff?url2=draft-ietf-oauth-v2-21.txt >> >> We'll give it until the end of next week, while I work on the shepherd >> writeup. Comments, please, by 16 September. A few affirmative notes >> saying, "Yes, I reviewed it and it looks good," will also be helpful. >> Keep in mind, as you review, that pet changes are out of scope at this >> point. We're just reviewing -21 to make sure (1) it doesn't break >> anything from -20, and (2) it isn't missing anything that was brought >> up in WGLC. New issues will have to be very serious, indeed, in order >> to be considered now. >> >> Also, a note on the thread that Mike Thomas started about the OAuth >> problem statement and threats: >> I did encourage him to start the discussion, and I think it can be a >> useful conversation. I do NOT think it will or should result in a >> change to the base spec, but it might feed into the threat model >> document (draft-ietf-oauth-v2-threatmodel), as Torsten, et al, move >> that toward completion. Remember that the base spec encourages >> readers to refer to the threat model document for more detailed >> descriptions of threats and attacks. >> >> Barry, as chair >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
