[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Sun, 06 Jul 2025 00:49:07 -0700 



Events without label "editorial"

Issues
------
* oauth-wg/oauth-browser-based-apps (+0/-15/💬3)
 3 issues received 3 new comments:
 - #103 Level of detail of sections 6.1 / 6.2 / 6.3 (1 by aaronpk)

   https://github.com/oauth-wg/oauth-browser-based-apps/issues/103 [iesg-feedback] 
 - #95 Add reference for "confidential client" (1 by aaronpk)
   https://github.com/oauth-wg/oauth-browser-based-apps/issues/95 [iesg-feedback] 
 - #90 Address IESG Reviews (1 by aaronpk)
   https://github.com/oauth-wg/oauth-browser-based-apps/issues/90 [iesg-feedback] 


 15 issues closed:

 - Address IESG Reviews https://github.com/oauth-wg/oauth-browser-based-apps/issues/90 [iesg-feedback] 
 - Consistency of Terms https://github.com/oauth-wg/oauth-browser-based-apps/issues/86 [iesg-feedback] 
 - Level of detail of sections 6.1 / 6.2 / 6.3 https://github.com/oauth-wg/oauth-browser-based-apps/issues/103 [iesg-feedback] 
 - Extracting CryptoKeyPair https://github.com/oauth-wg/oauth-browser-based-apps/issues/99 [iesg-feedback] 
 - add reference for confused deputy https://github.com/oauth-wg/oauth-browser-based-apps/issues/98 [iesg-feedback] 
 - Cookie security, why NOT MUST https://github.com/oauth-wg/oauth-browser-based-apps/issues/96 [iesg-feedback] 
 - Add reference for session fixation https://github.com/oauth-wg/oauth-browser-based-apps/issues/94 [iesg-feedback] 
 - Clarify "first-party frontend" in the intro https://github.com/oauth-wg/oauth-browser-based-apps/issues/93 [iesg-feedback] 
 - Rearrange intro https://github.com/oauth-wg/oauth-browser-based-apps/issues/92 [iesg-feedback] 
 - add reference for refresh token rotation https://github.com/oauth-wg/oauth-browser-based-apps/issues/97 [iesg-feedback] 
 - Add reference for "confidential client" https://github.com/oauth-wg/oauth-browser-based-apps/issues/95 [iesg-feedback] 
 - Add more references to terminology when used https://github.com/oauth-wg/oauth-browser-based-apps/issues/91 [iesg-feedback] 
 - Remove references to Facebook and Twitter https://github.com/oauth-wg/oauth-browser-based-apps/issues/102 [iesg-feedback] 
 - clarify "previous recommendations" in Section 7 intro https://github.com/oauth-wg/oauth-browser-based-apps/issues/101 [iesg-feedback] 
 - add reference for OpenID Scopes https://github.com/oauth-wg/oauth-browser-based-apps/issues/100 [iesg-feedback] 


* oauth-wg/oauth-identity-chaining (+0/-1/💬0)
 1 issues closed:

 - Simplify text in section on JWT Authorization Grant https://github.com/oauth-wg/oauth-identity-chaining/issues/136 


* oauth-wg/oauth-transaction-tokens (+0/-0/💬5)
 1 issues received 5 new comments:
 - #178 Consider replacing Scope with Purpose (5 by gffletch)

   https://github.com/oauth-wg/oauth-transaction-tokens/issues/178 


* oauth-wg/oauth-sd-jwt-vc (+1/-0/💬2)
 1 issues created:
 - Be more opinionated about validity claims? (by danielfett)

   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/321 


 2 issues received 2 new comments:
 - #321 Be more opinionated about validity claims? (1 by charsleysa)

   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/321 
 - #237 Distinguish between issuance and presentation schemas (1 by babisRoutis)
   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/237 [discuss] 


* oauth-wg/oauth-cross-device-security (+1/-0/💬0)
 1 issues created:
 - broken internal links (by jogu)

   https://github.com/oauth-wg/oauth-cross-device-security/issues/169 


* oauth-wg/oauth-selective-disclosure-jwt (+0/-0/💬4)
 1 issues received 4 new comments:
 - #531 Small (and optional) editorial SD-JWT+KB's spec suggestion: remove 
whitespace from examples of JSON serialization  (4 by bc-pi, danielfett, panva)

   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/531 [pending-close] 


* oauth-wg/draft-ietf-oauth-status-list (+0/-0/💬1)
 1 issues received 1 new comments:
 - #292 Feedback regarding expected format (1 by c2bo)

   https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/292 


* oauth-wg/draft-ietf-oauth-attestation-based-client-auth (+0/-2/💬0)
 2 issues closed:

 - Propose to change the draft name https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/71 [pending-close] 
 - What is "unreasonably far in the past"? https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/108 [pending-close] 




Pull requests
-------------
* oauth-wg/oauth-browser-based-apps (+3/-3/💬0)
 3 pull requests submitted:
 - address comments from Orie's review (by aaronpk)

   https://github.com/oauth-wg/oauth-browser-based-apps/pull/109 
 - Terminology references (by aaronpk)
   https://github.com/oauth-wg/oauth-browser-based-apps/pull/108 
 - Roman review (by aaronpk)
   https://github.com/oauth-wg/oauth-browser-based-apps/pull/107 


 3 pull requests merged:
 - address comments from Orie's review

   https://github.com/oauth-wg/oauth-browser-based-apps/pull/109 
 - Terminology references
   https://github.com/oauth-wg/oauth-browser-based-apps/pull/108 
 - Roman review
   https://github.com/oauth-wg/oauth-browser-based-apps/pull/107 


* oauth-wg/oauth-identity-chaining (+8/-4/💬6)
 8 pull requests submitted:
 - update references to RFC9700 and RFC9728 (by aaronpk)

   https://github.com/oauth-wg/oauth-identity-chaining/pull/165 
 - add authorization server metadata (by aaronpk)
   https://github.com/oauth-wg/oauth-identity-chaining/pull/164 
 - Move Mr. Parecki from acknowledgements to contributors in acknowledgement of his contributions (by bc-pi)
   https://github.com/oauth-wg/oauth-identity-chaining/pull/163 
 - Added some Privacy Considerations (try 2) (by bc-pi)
   https://github.com/oauth-wg/oauth-identity-chaining/pull/162 
 - Fix some toolchain complaints and other nitpicks (by bc-pi)
   https://github.com/oauth-wg/oauth-identity-chaining/pull/161 
 - Simplify some text in the JWT Authorization Grant section (by bc-pi)
   https://github.com/oauth-wg/oauth-identity-chaining/pull/160 
 - Updated some contributors' affiliation and contact information (by bc-pi)
   https://github.com/oauth-wg/oauth-identity-chaining/pull/159 
 - add claims transcription examples (attempt 2) (by bc-pi)
   https://github.com/oauth-wg/oauth-identity-chaining/pull/158 


 4 pull requests received 6 new comments:
 - #164 add authorization server metadata (2 by aaronpk)

   https://github.com/oauth-wg/oauth-identity-chaining/pull/164 
 - #155 Added claims transcription examples (2 by bc-pi)
   https://github.com/oauth-wg/oauth-identity-chaining/pull/155 
 - #154 Simplified text in Section 2.4 (1 by bc-pi)
   https://github.com/oauth-wg/oauth-identity-chaining/pull/154 
 - #153 Added privacy consideration (1 by bc-pi)
   https://github.com/oauth-wg/oauth-identity-chaining/pull/153 


 4 pull requests merged:
 - Simplify some text in the JWT Authorization Grant section (try 2)

   https://github.com/oauth-wg/oauth-identity-chaining/pull/160 
 - Move Mr. Parecki from acknowledgements to contributors in acknowledgement of his contributions
   https://github.com/oauth-wg/oauth-identity-chaining/pull/163 
 - Fix some toolchain complaints and other nitpicks
   https://github.com/oauth-wg/oauth-identity-chaining/pull/161 
 - Updated some contributors' affiliation and contact information
   https://github.com/oauth-wg/oauth-identity-chaining/pull/159 


* oauth-wg/draft-ietf-oauth-status-list (+1/-0/💬1)
 1 pull requests submitted:
 - change accept header from must to should (by c2bo)

   https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/296 


 1 pull requests received 1 new comments:
 - #284 fix rendering of OID and make clear that it can be used for other 
status mechanisms (1 by paulbastian)

   https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/284 


* oauth-wg/draft-ietf-oauth-attestation-based-client-auth (+1/-0/💬0)
 1 pull requests submitted:
 - Remove expr from pop (by paulbastian)

   https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/pull/125 



Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1
* https://github.com/oauth-wg/draft-ietf-oauth-status-list
* https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth


--
To have a summary like this sent to your list, see: 
https://github.com/ietf-github-services/activity-summary

_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org























					Reply via email to