Sure thing, new drafts have just been posted. JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants https://datatracker.ietf.org/doc/draft-ietf-oauth-jwt-bearer/ http://tools.ietf.org/html/draft-ietf-oauth-jwt-bearer-12
SAML 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants https://datatracker.ietf.org/doc/draft-ietf-oauth-saml2-bearer/ http://tools.ietf.org/html/draft-ietf-oauth-saml2-bearer-23 On Wed, Nov 12, 2014 at 12:08 PM, Kathleen Moriarty < kathleen.moriarty.i...@gmail.com> wrote: > Hi Brian, > > If you could make a quick update, that would be easier to prevent it > from getting lost. The shepherd and I will recheck the draft and then > I'll move it forward. > > Thanks for all of your work on this! > Kathleen > > On Wed, Nov 12, 2014 at 12:05 PM, Brian Campbell > <bcampb...@pingidentity.com> wrote: > > Forwarding this to the WG. > > > > There is a word missing in the sentence noted below as well as in the > > similar sentence in the SAML draft. However, I believe it should be "to > the > > client" rather than "about the client". > > > > What is the most appropriate way to handle a minor fix like this at this > > stage? A note to the RFC editor? Or should I push new drafts? > > > > https://tools.ietf.org/html/draft-ietf-oauth-jwt-bearer-11#section-7 > > https://tools.ietf.org/html/draft-ietf-oauth-saml2-bearer-22#section-7 > > > > > > > > ---------- Forwarded message ---------- > > From: Benjamin Trofatter <trofat...@google.com> > > Date: Sat, Nov 8, 2014 at 8:11 PM > > Subject: draft-ietf-oauth-jwt-bearer draft errors > > To: m...@microsoft.com, brian.d.campb...@gmail.com, > cmortim...@salesforce.com > > > > > > Hi, > > > > I was reading your draft and noticed a couple of typos. In 7 Privacy > > paragraph 1, the last sentence reads: > > > > "In cases where it is desirable to prevent disclosure of certain > information > > the client, the JWT should be be encrypted to the authorization server." > > > > I'm guessing this ought to say something like: > > > > "In cases where it is desirable to prevent disclosure of certain > information > > about the client, the JWT should be encrypted to the authorization > server." > > > > Hope this helps, > > > > Ben > > _______________________________________________ > > Ben Trofatter // Software Engineer // > > trofat...@google.com // (650) 279-0512 > > > > > > > > _______________________________________________ > > OAuth mailing list > > OAuth@ietf.org > > https://www.ietf.org/mailman/listinfo/oauth > > > > > > -- > > Best regards, > Kathleen >
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth