[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

[Repository Activity Summary Bot]

Events without label "editorial"

Issues
------
* oauth-wg/oauth-transaction-tokens (+0/-0/💬1)
 1 issues received 1 new comments:
 - #216 txn-ctx modification (1 by tulshi)
   https://github.com/oauth-wg/oauth-transaction-tokens/issues/216 

* oauth-wg/oauth-sd-jwt-vc (+5/-1/💬19)
 5 issues created:
 - Expressing claims in multiple languages? (by alenhorvat)
   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/386 
 - vct -> semantics, but no sematics (by alenhorvat)
   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/385 [pending close] 
 - vct unique per issuer or per VC type? (by alenhorvat)
   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/384 
 - Tim's SD-JWT-VC-13 Review (by bc-pi)
   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/383 
 - Dan's SD-JWT-VC-13 Review (by bc-pi)
   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/382 

 4 issues received 19 new comments:
 - #385 vct -> semantics, but no sematics (6 by alenhorvat, awoie)
   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/385 [pending close] 
 - #384 vct unique per issuer or per VC type? (10 by alenhorvat, awoie)
   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/384 
 - #381 Query or fragment components in the iss using HTTPS scheme (1 by bc-pi)
   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/381 
 - #377 Other Issuer Signature Mechanisms using https scheme (2 by bc-pi, lj-raidiam)
   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/377 

 1 issues closed:
 - Other Issuer Signature Mechanisms using https scheme https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/377 

* oauth-wg/oauth-cross-device-security (+12/-7/💬3)
 12 issues created:
 - Authentticate-the-initiate as a mitigation (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/219 [ART Review] 
 - Grammer and spelling (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/218 [ART Review] 
 - Forward Reference (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/217 [ART Review] 
 - Device Type spoofing (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/216 [ART Review] 
 - Clarify that limitations exist (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/215 [ART Review] 
 - Say more about 6 digit codes (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/214 [ART Review] 
 - Authentication device -> authorization device (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/213 
 - Editorial (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/212 [ART Review] 
 - Reference rate limits as mitigation for Example B9 (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/211 [ART Review] 
 - Yeni (by Adaletliol)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/210 
 - Clarify Diagrams (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/208 [ART Review] 
 - Add references or defintions for phishing or social engineering (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/207 [ART Review] 

 2 issues received 3 new comments:
 - #218 Grammer and spelling (2 by PieterKas, jimfenton)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/218 [ART Review] 
 - #210 Yeni (1 by Adaletliol)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/210 

 7 issues closed:
 - Clarify that limitations exist https://github.com/oauth-wg/oauth-cross-device-security/issues/215 [ART Review] 
 - Editorial https://github.com/oauth-wg/oauth-cross-device-security/issues/212 [ART Review] 
 - Reference rate limits as mitigation for Example B9 https://github.com/oauth-wg/oauth-cross-device-security/issues/211 [ART Review] 
 - Say more about 6 digit codes https://github.com/oauth-wg/oauth-cross-device-security/issues/214 [ART Review] 
 - Authentication device -> authorization device https://github.com/oauth-wg/oauth-cross-device-security/issues/213 
 - Yeni https://github.com/oauth-wg/oauth-cross-device-security/issues/210 
 - Add references or defintions for phishing or social engineering https://github.com/oauth-wg/oauth-cross-device-security/issues/207 [ART Review] 

* oauth-wg/oauth-v2-1 (+0/-0/💬3)
 1 issues received 3 new comments:
 - #233 make mix-up mitigation via issuer mandatory (3 by aaronpk, 
will-bartlett)
   https://github.com/oauth-wg/oauth-v2-1/issues/233 

* oauth-wg/draft-ietf-oauth-attestation-based-client-auth (+0/-1/💬7)
 5 issues received 7 new comments:
 - #171 Make iss optional in Client Attestation JWT (1 by paulbastian)
   https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/171 [ready-for-pr] 
 - #170 Client metadata ? (2 by babisRoutis, c2bo)
   https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/170 [discuss] 
 - #169 Authorization Server metadata defined inside implementation considerations (1 by paulbastian)
   https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/169 [ready-for-pr] 
 - #154 A protocol for the renewal of one-time use Client Attestation JWTs is necessary (1 by tplooker)
   https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/154 [pending-close] 
 - #123 Similar proposal in AT Protocol: DPoP-bound private_key_jwt client authentication (2 by matthieusieben, paulbastian)
   https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/123 [pending-close] 

 1 issues closed:
 - Similar proposal in AT Protocol: DPoP-bound private_key_jwt client authentication https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/123 [pending-close] 

* oauth-wg/oauth-identity-assertion-authz-grant (+1/-0/💬1)
 1 issues created:
 - Audience vs Resource Clarity (by mcguinness)
   https://github.com/oauth-wg/oauth-identity-assertion-authz-grant/issues/69 

 1 issues received 1 new comments:
 - #52 Discovering allowed Resource App (instances) for the logged in user (1 
by mcguinness)
   https://github.com/oauth-wg/oauth-identity-assertion-authz-grant/issues/52 

* oauth-wg/draft-ietf-oauth-rfc8725bis (+0/-1/💬13)
 2 issues received 13 new comments:
 - #31 Brian's WGLC comment - compression (8 by bc-pi, dickhardt, selfissued, 
yaronf)
   https://github.com/oauth-wg/draft-ietf-oauth-rfc8725bis/issues/31 
 - #29 Brian's comment - WGLC - alg:none (5 by bc-pi, selfissued, yaronf)
   https://github.com/oauth-wg/draft-ietf-oauth-rfc8725bis/issues/29 

 1 issues closed:
 - Brian's WGLC comment - explicit typing https://github.com/oauth-wg/draft-ietf-oauth-rfc8725bis/issues/30 



Pull requests
-------------
* oauth-wg/oauth-cross-device-security (+6/-0/💬0)
 6 pull requests submitted:
 -  (by PieterKas)
    
 -  (by PieterKas)
    
 -  (by PieterKas)
    
 -  (by PieterKas)
    
 -  (by PieterKas)
    
 -  (by PieterKas)
    

* oauth-wg/oauth-v2-1 (+0/-0/💬3)
 1 pull requests received 3 new comments:
 - #230 Browser-Swapping (3 by JonasPrimbs, will-bartlett)
   https://github.com/oauth-wg/oauth-v2-1/pull/230 

* oauth-wg/draft-ietf-oauth-status-list (+1/-0/💬0)
 1 pull requests submitted:
 -  (by boucadair)
    

* oauth-wg/oauth-identity-assertion-authz-grant (+3/-0/💬4)
 3 pull requests submitted:
 -  (by mcguinness)
    
 -  (by mcguinness)
    
 -  (by mcguinness)
    

 1 pull requests received 4 new comments:
 - #67 initial attempt to add DPoP support for ID-JAG (4 by mcguinness, panva)
   https://github.com/oauth-wg/oauth-identity-assertion-authz-grant/pull/67 

* oauth-wg/draft-ietf-oauth-rfc8725bis (+3/-0/💬0)
 3 pull requests submitted:
 -  (by selfissued)
    
 -  (by selfissued)
    
 -  (by selfissued)
    

* oauth-wg/draft-ietf-oauth-rfc7523bis (+1/-0/💬0)
 1 pull requests submitted:
 -  (by selfissued)
    


Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1
* https://github.com/oauth-wg/draft-ietf-oauth-status-list
* https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth
* https://github.com/oauth-wg/oauth-identity-assertion-authz-grant
* https://github.com/oauth-wg/draft-ietf-oauth-rfc8725bis
* https://github.com/oauth-wg/draft-ietf-oauth-rfc7523bis
* https://github.com/oauth-wg/oauth-first-party-apps
* https://github.com/oauth-wg/draft-ietf-oauth-client-id-metadata-document


--
To have a summary like this sent to your list, see: 
https://github.com/ietf-github-services/activity-summary
_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org