I can make that change. It is on my list to do the next time I tackle errata (not easy, so I usually procrastinate a little).
Deb On Wed, Jan 28, 2026 at 8:57 AM Martin Ottenwaelter < [email protected]> wrote: > You're right, I apologize for the wrong errata. > > Indeed, I was mislead by the diagram that is just below which is not the > one referenced in the text. > > Adding the word "above" will definitely help the reader not to make the > same mistake. > > Thank you for your time, > Martin Ottenwaelter > > > > Le mer. 28 janv. 2026 à 14:51, emelia <[email protected]> a écrit : > >> This errata appears to be wrong. Whilst the chart below the heading 1.5 >> Refresh token does issue the refresh token in step B, that diagram is >> labeled Figure 2. Step D in Figure 1 is actually the access token response. >> >> If anything, we could amend the text to read: >> >> it is included when issuing an access token (i.e., step (D) in >> Figure 1 above). >> >> >> (Adding the word above to avoid people referencing the wrong diagram >> incorrectly) >> >> Yours, >> Emelia Smith >> >> On 28. Jan 2026, at 14:22, RFC Errata System <[email protected]> >> wrote: >> >> The following errata report has been submitted for RFC6749, >> "The OAuth 2.0 Authorization Framework". >> >> -------------------------------------- >> You may review the report below and at: >> https://www.rfc-editor.org/errata/eid8722 >> >> -------------------------------------- >> Type: Technical >> Reported by: Martin Ottenwaelter <[email protected]> >> >> Section: 1.5 >> >> Original Text >> ------------- >> If the authorization server issues a refresh token, it is included when >> issuing an access token (i.e., step (D) in Figure 1). >> >> >> Corrected Text >> -------------- >> If the authorization server issues a refresh token, it is included when >> issuing an access token (i.e., step (B) in Figure 1). >> >> >> Notes >> ----- >> The authorization server issues a refresh token in step (B) in Figure 1), >> not in step (D). >> >> Instructions: >> ------------- >> This erratum is currently posted as "Reported". (If it is spam, it >> will be removed shortly by the RFC Production Center.) Please >> use "Reply All" to discuss whether it should be verified or >> rejected. When a decision is reached, the verifying party >> will log in to change the status and edit the report, if necessary. >> >> -------------------------------------- >> RFC6749 (draft-ietf-oauth-v2-31) >> -------------------------------------- >> Title : The OAuth 2.0 Authorization Framework >> Publication Date : October 2012 >> Author(s) : D. Hardt, Ed. >> Category : PROPOSED STANDARD >> Source : Web Authorization Protocol >> Stream : IETF >> Verifying Party : IESG >> >> _______________________________________________ >> OAuth mailing list -- [email protected] >> To unsubscribe send an email to [email protected] >> >>
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
