[OAUTH-WG] DPoP key rotation

2021-06-08 Thread Dmitry Telegin
Hi, I'm Dmitry Telegin, I'm currently working on DPoP implementation in Keycloak on behalf of my company, Backbase. Takashi Norimatsu of Hitachi supervises this process as the head of the Keycloak FAPI SIG. With the current DPoP design, once the keypair has been generated on the user agent and

Re: [OAUTH-WG] WG Last Call for the Authorization Server Issuer Identification document

2021-06-08 Thread Warren Parad
Reviewed, no concerns. Warren Parad Founder, CTO Secure your user data with IAM authorization as a service. Implement Authress . On Tue, Jun 8, 2021 at 2:48 PM Rifaat Shekh-Yusef wrote: > All, > > This is to start a *WG Last Call *for the *Authorization Server Issuer >

[OAUTH-WG] WG Last Call for the Authorization Server Issuer Identification document

2021-06-08 Thread Rifaat Shekh-Yusef
All, This is to start a *WG Last Call *for the *Authorization Server Issuer Identification* document, that ends *June 23rd*. https://www.ietf.org/archive/id/draft-ietf-oauth-iss-auth-resp-01.html Please, review the document and provide your feedback on the mailing list. A feedback that states

Re: [OAUTH-WG] WG Last Call on the RAR Document

2021-06-08 Thread Dave Tonge
Dear RAR authors Thank you for your work on this draft - I believe it will be very helpful to many ecosystems and am in favour of its progression. A few nits: *Whole Document* - "payment initiation" is I think a PSD2 specific term, I'm not sure about its use in the document, perhaps just

Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-iss-auth-resp-01.txt

2021-06-08 Thread Karsten Meyer zu Selhausen
Hi all, thank you for your feedback. In this version we addressed your comments on the JARM note and clarified the mix-up description. We also changed the title of the draft to make it a little shorter. Best regards, Karsten On 08.06.2021 11:07, internet-dra...@ietf.org wrote: A New

[OAUTH-WG] I-D Action: draft-ietf-oauth-iss-auth-resp-01.txt

2021-06-08 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol WG of the IETF. Title : OAuth 2.0 Authorization Server Issuer Identification Authors : Karsten Meyer zu Selhausen