Dear RFC Errata System, Thank you for the update regarding the errata report for RFC7636. I appreciate the clarification on the use of hyphens and underscores in the ABNF specification. It is reassuring to know that the existing text has been verified as correct.
Best regards, [Your Name] En 28 de octubre de 2025 6:06:48 a.m. GMT-05:00, RFC Errata System <[email protected]> escribió: >The following errata report has been rejected for RFC7636, >"Proof Key for Code Exchange by OAuth Public Clients". > >-------------------------------------- >You may review the report below and at: >https://www.rfc-editor.org/errata/eid8457 > >-------------------------------------- >Status: Rejected >Type: Editorial > >Reported by: Jeff Walden <[email protected]> >Date Reported: 2025-06-13 >Rejected by: Deb Cooley (IESG) > >Section: 4.1 > >Original Text >------------- >code-verifier = 43*128unreserved > >Corrected Text >-------------- >code_verifier = 43*128unreserved > >Notes >----- >The ABNF accidentally uses a hyphen/dash rather than an underscore in the >code_verifier name in its rule. > --VERIFIER NOTES-- >This is not an error and the errata should be rejected. As per the ABNF >definition in https://www.rfc-editor.org/rfc/rfc5234.html#section-21 the name >contains "alphabetics, digits, and hyphens (dashes)", and not underscores. The >commenter may be expecting the ABNF rule name of code-verifier to match the >parameter name of code_verifier, but they do not need to be the same. While >this is confusing, the text is correct as it stands. > >-------------------------------------- >RFC7636 (draft-ietf-oauth-spop-15) >-------------------------------------- >Title : Proof Key for Code Exchange by OAuth Public Clients >Publication Date : September 2015 >Author(s) : N. Sakimura, Ed., J. Bradley, N. Agarwal >Category : PROPOSED STANDARD >Source : Web Authorization Protocol >Stream : IETF >Verifying Party : IESG > >_______________________________________________ >OAuth mailing list -- [email protected] >To unsubscribe send an email to [email protected]
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
