The following errata report has been submitted for RFC8252, "OAuth 2.0 for Native Apps".
-------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid8080 -------------------------------------- Type: Technical Reported by: Bryce Thomas <bryce.m.tho...@gmail.com> Section: 6 and 7.1 Original Text ------------- > Any redirect URI that allows the app to receive the URI and inspect its parameters is viable. and > When choosing a URI scheme to associate with the app, apps MUST use a URI scheme based on a domain name under their control, expressed in reverse order, as recommended by Section 3.8 of [RFC7595] for private-use URI schemes. These two statements appear to conflict. Corrected Text -------------- > Any redirect URI that allows the app to receive the URI and inspect its parameters is viable. and > When choosing a URI scheme to associate with the app, apps SHOULD use a URI scheme based on a domain name under their control, expressed in reverse order, as recommended by Section 3.8 of [RFC7595] for Notes ----- Suggest downgrading the section 7.1 text from MUST to SHOULD to resolve the conflict. Instructions: ------------- This erratum is currently posted as "Reported". (If it is spam, it will be removed shortly by the RFC Production Center.) Please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party will log in to change the status and edit the report, if necessary. -------------------------------------- RFC8252 (draft-ietf-oauth-native-apps-12) -------------------------------------- Title : OAuth 2.0 for Native Apps Publication Date : October 2017 Author(s) : W. Denniss, J. Bradley Category : BEST CURRENT PRACTICE Source : Web Authorization Protocol Stream : IETF Verifying Party : IESG _______________________________________________ OAuth mailing list -- oauth@ietf.org To unsubscribe send an email to oauth-le...@ietf.org
