Thanks Tim, really appreciating the feedback. I opened two issues to track your feedback here:
1. Editorial updates for FIDO Section: https://github.com/oauth-wg/oauth-cross-device-security/issues/138 2. Consistent use of Smart TV: https://github.com/oauth-wg/oauth-cross-device-security/issues/137 Once again thanks for your feedback. Cheers Pieter From: OAuth <oauth-boun...@ietf.org> On Behalf Of Tim Cappalli Sent: Wednesday, April 24, 2024 8:13 PM To: rifaat.s.ietf <rifaat.s.i...@gmail.com> Cc: oauth <oauth@ietf.org> Subject: Re: [OAUTH-WG] WGLC for Cross-Device Flows BCP You don't often get email from tim.cappalli=40okta....@dmarc.ietf.org<mailto:tim.cappalli=40okta....@dmarc.ietf.org>. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification> Looks great! Some small proposed tweaks: Nit: "SmartTV" and "Smart TV" are used interchangeably throughout the doc. No preference on which one is used, but should be consistent. 6.2.3.1 Current text: "supports a new cross-device authentication protocol, called "hybrid"" Proposed text: "supports a new cross-device transport protocol, called "hybrid transports" Propose adding the following at the end of the first paragraph: "CTAP 2.2 hybrid transports is implemented by the client and authenticator platforms." Current text: "The main device and authenticator" Proposed text: "The main device (CTAP client) and authenticator" Current text: "The user will receive a push notification on the authenticator." Proposed text: "The user will typically receive a push notification on the device serving as the FIDO authenticator." 6.2.3.3 Current text: "Both the Consumption Device and the authenticator require BLE support." Proposed text: "Both the Consumption Device and the authenticator require BLE support and also need access to the internet" s/hybrid transport/hybrid transports Current text: "The mobile phone must support CTAP 2.2+ to be used as a cross-device authenticator." Proposed text: "The device serving as the FIDO authenticator must support CTAP 2.2+ to be used as a cross-device authenticator." tim On Mon, Apr 22, 2024 at 10:57 AM Rifaat Shekh-Yusef <rifaat.s.i...@gmail.com<mailto:rifaat.s.i...@gmail.com>> wrote: This message originated outside your organization. ________________________________ We have not received any feedback on this document so far. This is a reminder to review and provide feedback on this document. If you reviewed the document, and you do not have any comments or concerns, it would be great if you can send an email to the list indicating that. Regards, Rifaat On Mon, Apr 15, 2024 at 9:32 AM Rifaat Shekh-Yusef <rifaat.s.i...@gmail.com<mailto:rifaat.s.i...@gmail.com>> wrote: All, This is a WG Last Call for the Cross-Device Flows BCP document. https://www.ietf.org/archive/id/draft-ietf-oauth-cross-device-security-06.html<https://urldefense.com/v3/__https://www.ietf.org/archive/id/draft-ietf-oauth-cross-device-security-06.html__;!!PwKahg!525wPy1_fpxaxk0Ic3TFoDq_1bASFewwEnh5LzytxLRyQ3DK4Yk5cIXmhgeed2ocAyWYCgh_FuutXE_aMzBQRlKp$> Please, review this document and reply on the mailing list if you have any comments or concerns, by April 29th. Regards, Rifaat & Hannes _______________________________________________ OAuth mailing list OAuth@ietf.org<mailto:OAuth@ietf.org> https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
