Hi All,
I wanted to submit a review of "Notification of Revoked Access Tokens
in the Authentication and Authorization for Constrained Environments
(ACE) Framework" (draft-tiloca-ace-revoked-token-notification-00).
I am an ACE noob, but hopefully my feedback will be constructive and
helpful. If th
Hi Ludwig,
Thanks for the feed back. I was raising the issue before it got forgotten. ,
and I must say I did not checked whether it had been addressed or not, as I did
not remember this had been raised for the ace-oauth-authz document.
What you are saying is that the draft has been updated al
On 21/11/2019 03:29, Daniel Migault wrote:
Hi,
This only concerns potential clarification of the text.
While reviewing mqtt-profile draft I raised an issue regarding the
reference for Oauth [RFC6749] while the remaining of the document
references draft-ietf-ace-oauth-authz [1]. My reading of
Hi,
This only concerns potential clarification of the text.
While reviewing mqtt-profile draft I raised an issue regarding the
reference for Oauth [RFC6749] while the remaining of the document
references draft-ietf-ace-oauth-authz [1]. My reading of
draft-ietf-ace-oauth-authz section 5.6.3
Hello ACE,
turns out -26 didn't cover one of the items in Ben's review, namely the
question of using Client introspection to determine token expiration as
a lower bound for key expiration. Since the whole issue of Client
introspection was contentious between OAuth experts, we decided to
remov
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Authentication and Authorization for
Constrained Environments WG of the IETF.
Title : Authentication and Authorization for Constrained
Environments (ACE) using the