I'm supportive of this specification being published. On Wed, Nov 19, 2025 at 5:45 PM Michael Jones <[email protected]> wrote:
> Unsurprisingly, as an author, I believe that the specification has > addressed the issues raised and is ready for publication. > > Thanks, > -- Mike > > -----Original Message----- > From: Rifaat Shekh-Yusef via Datatracker <[email protected]> > Sent: Monday, November 17, 2025 12:07 PM > To: [email protected]; [email protected]; > [email protected] > Subject: WG Last Call: draft-ietf-oauth-rfc7523bis-03 (Ends 2025-12-01) > > > Subject: WG Last Call: draft-ietf-oauth-rfc7523bis-03 (Ends 2025-12-01) > > This message starts a 2-week WG Last Call for this document. > > Abstract: > This specification updates the requirements for audience values in > OAuth 2.0 Client Assertion Authentication and Assertion-based > Authorization Grants to address a security vulnerability identified > in the previous requirements for those audience values in multiple > OAuth 2.0 specifications. > > File can be retrieved from: > https://datatracker.ietf.org/doc/draft-ietf-oauth-rfc7523bis/ > > Please review and indicate your support or objection to proceed with the > publication of this document by replying to this email keeping > [email protected] in copy. Objections should be motivated and suggestions to > resolve them are highly appreciated. > > Authors, and WG participants in general, are reminded again of the > Intellectual Property Rights (IPR) disclosure obligations described in BCP > 79 [1]. Appropriate IPR disclosures required for full conformance with the > provisions of BCP 78 [1] and BCP 79 [2] must be filed, if you are aware of > any. Sanctions available for application to violators of IETF IPR Policy > can be found at [3]. > > Thank you. > > [1] https://datatracker.ietf.org/doc/bcp78/ > [2] https://datatracker.ietf.org/doc/bcp79/ > [3] https://datatracker.ietf.org/doc/rfc6701/ > > > > _______________________________________________ > OAuth mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
