Thanks for the review, Med! On Wed, May 21, 2025 at 4:58 AM Mohamed Boucadair via Datatracker < [email protected]> wrote:
> Mohamed Boucadair has entered the following ballot position for > draft-ietf-oauth-selective-disclosure-jwt-19: No Objection > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Hi Daniel, Kristina, and Brian, > > Thank you for the effort put into this specification. The theory of > operation > is well-explained with clear role and adequate cross references to link the > various actions. > > Thanks to Tiru Reddy for the OPSDIR review. I'm echoing below two main > points, > but I trust the authors will follow-up with Tiru for all the points he > raised. We have indeed replied. > > # Nits > > Please find below some very minor nits: > > # Please expand “JWTs” in the title. > I would prefer not to change the title but will maybe have that conversation with the RFC editor when/if the time comes. > # get rid of “often” in the introduction > > s/is often secured/can be secured > s/is often used/is used > I believe the use of the word was intentional and is accurate. > # The discussion about RPs was confusing to me as I didn’t find any such > mention in RFC7515/7519, but finally find it in OpenID.Core. Also, it > wasn’t > clear to me at that point how this relates the Issuer/Holder/Verifier roles > defined in the specification. > Looking again at the document, the term relying party only appears in close contextual proximity to OpenID. I'm not sure what could be done to mitigate the potential for such confusion? > Cheers, > Med > > > > -- _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
