[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Sat, 17 Jan 2026 23:48:29 -0800 



Events without label "editorial"

Issues
------
* oauth-wg/oauth-transaction-tokens (+0/-8/πŸ’¬2)
 2 issues received 2 new comments:
 - #285 Editorial: Check for consistent casing of Txn-Token (1 by tulshi)

   https://github.com/oauth-wg/oauth-transaction-tokens/issues/285 [pre-last-call] 
 - #213 Compare WIMSE arch doc terminology with Transaction token spec (1 by PieterKas)
   https://github.com/oauth-wg/oauth-transaction-tokens/issues/213 [pre-last-call] [WGLC Feedback] 


 8 issues closed:

 - Review Acknowledgements Section https://github.com/oauth-wg/oauth-transaction-tokens/issues/260 [pre-last-call] 
 - Lack in normative language for workloads to validate Txn-Tokens and authorization context https://github.com/oauth-wg/oauth-transaction-tokens/issues/270 [pre-last-call] 
 - Consider stronger normative language https://github.com/oauth-wg/oauth-transaction-tokens/issues/209 [pre-last-call] [WGLC Feedback] 
 - Consistency Pass Needed https://github.com/oauth-wg/oauth-transaction-tokens/issues/243 [pre-last-call] 
 - Compare WIMSE arch doc terminology with Transaction token spec https://github.com/oauth-wg/oauth-transaction-tokens/issues/213 [pre-last-call] [WGLC Feedback] 
 - Clarify request_context normative language https://github.com/oauth-wg/oauth-transaction-tokens/issues/268 [pre-last-call] 
 - Editorial: Check for consistent casing of Txn-Token https://github.com/oauth-wg/oauth-transaction-tokens/issues/285 [pre-last-call] 
 - Txn-Token Service Unique keys https://github.com/oauth-wg/oauth-transaction-tokens/issues/283 


* oauth-wg/oauth-sd-jwt-vc (+1/-3/πŸ’¬6)
 1 issues created:
 - No application/mime type defined for SD-JWT Type Metadata (by TimoGlastra)

   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/388 


 3 issues received 6 new comments:
 - #388 No application/mime type defined for SD-JWT Type Metadata (3 by 
TimoGlastra, bc-pi)

   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/388 
 - #384 vct unique per issuer or per VC type? (2 by alenhorvat, awoie)
   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/384 
 - #383 Tim's SD-JWT-VC-13 Review (1 by bc-pi)
   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/383 


 3 issues closed:

 - No application/mime type defined for SD-JWT Type Metadata https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/388 
 - vct unique per issuer or per VC type? https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/384 
 - Tim's SD-JWT-VC-13 Review https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/383 


* oauth-wg/oauth-cross-device-security (+8/-8/πŸ’¬0)
 8 issues created:
 - Security Considerations (by PieterKas)

   https://github.com/oauth-wg/oauth-cross-device-security/issues/245 
 - Prevent (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/244 
 - Trusted Networks (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/243 
 - Why isn’t this a reco? (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/242 
 - What risk? (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/241 
 - Privacy considerations (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/240 
 - Implementers (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/239 
 - # Beyond OAUTH WG (by PieterKas)
   https://github.com/oauth-wg/oauth-cross-device-security/issues/238 


 8 issues closed:

 - Security Considerations https://github.com/oauth-wg/oauth-cross-device-security/issues/245 
 - Trusted Networks https://github.com/oauth-wg/oauth-cross-device-security/issues/243 
 - Why isn’t this a reco? https://github.com/oauth-wg/oauth-cross-device-security/issues/242 
 - What risk? https://github.com/oauth-wg/oauth-cross-device-security/issues/241 
 - Prevent https://github.com/oauth-wg/oauth-cross-device-security/issues/244 
 - Privacy considerations https://github.com/oauth-wg/oauth-cross-device-security/issues/240 
 - Implementers https://github.com/oauth-wg/oauth-cross-device-security/issues/239 
 - # Beyond OAUTH WG https://github.com/oauth-wg/oauth-cross-device-security/issues/238 


* oauth-wg/oauth-v2-1 (+1/-0/πŸ’¬3)
 1 issues created:
 - Consideration to forbid PKCE plain mode in OAuth 2.1 (by corriganjeff)

   https://github.com/oauth-wg/oauth-v2-1/issues/236 


 1 issues received 3 new comments:
 - #236 Consideration to forbid PKCE plain mode in OAuth 2.1 (3 by adeinega, 
randomstuff)

   https://github.com/oauth-wg/oauth-v2-1/issues/236 


* oauth-wg/draft-ietf-oauth-status-list (+2/-3/πŸ’¬3)
 2 issues created:
 - re-work mdoc section (by c2bo)

   https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/343 
 - Fix typo in Size comparison table (by thomasdarimont)
   https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/341 


 3 issues received 3 new comments:
 - #341 Fix typo in Size comparison table (1 by c2bo)

   https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/341 
 - #337 Orie Steele's review (1 by paulbastian)
   https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/337 
 - #333 Mohamed Boucadair's feedback (1 by paulbastian)
   https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/333 


 3 issues closed:

 - Mike Bishop's Review https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/335 
 - Mohamed Boucadair's feedback https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/333 
 - Roman Danyliw's Review https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/336 


* oauth-wg/draft-ietf-oauth-rfc8725bis (+0/-2/πŸ’¬1)
 1 issues received 1 new comments:
 - #29 Brian's comment - WGLC - alg:none (1 by yaronf)

   https://github.com/oauth-wg/draft-ietf-oauth-rfc8725bis/issues/29 


 2 issues closed:

 - Brian's comment - WGLC - alg:none https://github.com/oauth-wg/draft-ietf-oauth-rfc8725bis/issues/29 
 - Brian's WGLC comment - compression https://github.com/oauth-wg/draft-ietf-oauth-rfc8725bis/issues/31 




Pull requests
-------------
* oauth-wg/oauth-transaction-tokens (+7/-0/πŸ’¬5)
 7 pull requests submitted:
 -  (by gffletch)

    
 -  (by tulshi)
    
 -  (by gffletch)
    
 -  (by tulshi)
    
 -  (by gffletch)
    
 -  (by PieterKas)
    
 -  (by PieterKas)
    


 4 pull requests received 5 new comments:
 - #300 Added normative language for processing Txn-Tokens (1 by gffletch)

   https://github.com/oauth-wg/oauth-transaction-tokens/pull/300 
 - #297 Replace various names used for TTS by TTS (1 by tulshi)
   https://github.com/oauth-wg/oauth-transaction-tokens/pull/297 
 - #296 Refactor to align with `req_wl` being a top-level claim.  (1 by tulshi)
   https://github.com/oauth-wg/oauth-transaction-tokens/pull/296 
 - #295 Clarify Txn-Token Service context requirements (2 by PieterKas, gffletch)
   https://github.com/oauth-wg/oauth-transaction-tokens/pull/295 


* oauth-wg/oauth-sd-jwt-vc (+1/-0/πŸ’¬0)
 1 pull requests submitted:
 -  (by bc-pi)

    


* oauth-wg/oauth-cross-device-security (+10/-0/πŸ’¬0)
 10 pull requests submitted:
 -  (by PieterKas)

    
 -  (by PieterKas)
    
 -  (by PieterKas)
    
 -  (by PieterKas)
    
 -  (by PieterKas)
    
 -  (by PieterKas)
    
 -  (by PieterKas)
    
 -  (by PieterKas)
    
 -  (by PieterKas)
    
 -  (by boucadair)
    


* oauth-wg/oauth-selective-disclosure-jwt (+0/-0/πŸ’¬1)
 1 pull requests received 1 new comments:
 - #583 Add Haskell sd-jwt link to README (1 by yaronf)

   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/583 


* oauth-wg/draft-ietf-oauth-status-list (+4/-0/πŸ’¬1)
 4 pull requests submitted:
 -  (by thomasdarimont)

    
 -  (by tplooker)
    
 -  (by c2bo)
    
 -  (by paulbastian)
    


 1 pull requests received 1 new comments:
 - #340 Address Andy's review (1 by c2bo)

   https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/340 


* oauth-wg/draft-ietf-oauth-rfc7523bis (+2/-0/πŸ’¬1)
 2 pull requests submitted:
 -  (by AxelNennker)

    
 -  (by AxelNennker)
    


 1 pull requests received 1 new comments:
 - #24 tradeoffs between using issuer and specific endpoint urls (1 by 
AxelNennker)

   https://github.com/oauth-wg/draft-ietf-oauth-rfc7523bis/pull/24 



Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1
* https://github.com/oauth-wg/draft-ietf-oauth-status-list
* https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth
* https://github.com/oauth-wg/oauth-identity-assertion-authz-grant
* https://github.com/oauth-wg/draft-ietf-oauth-rfc8725bis
* https://github.com/oauth-wg/draft-ietf-oauth-rfc7523bis
* https://github.com/oauth-wg/oauth-first-party-apps
* https://github.com/oauth-wg/draft-ietf-oauth-client-id-metadata-document


--
To have a summary like this sent to your list, see: 
https://github.com/ietf-github-services/activity-summary

_______________________________________________
OAuth mailing list -- [email protected]
To unsubscribe send an email to [email protected]























					Reply via email to