Re: [OAUTH-WG] OAuth 2.0 Rich Authorization Requests (RAR): Implementation Status

Dear Hannes, For the writeup: Authlete supports RAR since version 2.2 and it is confirmed that at least one of their customers is operating a commercial service that utilizes RAR with CIBA as of April, 2022. Best Regards, Takahiko Kawasaki On Wed, Apr 6, 2022 at 10:46 PM Hannes Tschofenig

[OAUTH-WG] Shepherd writeup for draft-ietf-oauth-rar-10

Hi all, Here is the work in progress version of the shepherd writeup for the draft-ietf-oauth-rar-10: https://datatracker.ietf.org/doc/draft-ietf-oauth-rar/shepherdwriteup/ Please take a look at it and let me know if I missed anything. I will ship it to the IESG once all IPR confirmations are

Re: [OAUTH-WG] OAuth 2.0 Rich Authorization Requests (RAR): Implementation Status

Hi, the yes ecosystem (1200 IDPs) uses RAR for authorising payment initiation and qualified electronic signatures. The Cloud Signature Consortium included RAR as means to authorise electronic signature to the v 2.0 of its API for remote signature creation

Re: [OAUTH-WG] IPR Disclosures - OAuth 2.0 Rich Authorization Requests

I am not aware of any IPR associated with this document. On Wed, Apr 6, 2022 at 7:38 AM Hannes Tschofenig wrote: > Authors, > > > > as part of the shepherd write-up, all authors of draft-ietf-oauth-rar must > confirm > > that any and all appropriate IPR disclosures required for full conformance

[OAUTH-WG] OAuth 2.0 Rich Authorization Requests (RAR): Implementation Status

Hi all, I am working on the shepherd writeup for the RAR document and the IESG is interested to hear about the implementation status of this specification. What implementations are available that use the RAR functionality or are vendors planning to implement this specification? Ciao Hannes

Re: [OAUTH-WG] IPR Disclosures - OAuth 2.0 Rich Authorization Requests

I am not aware of any IPR that pertains to this specification. > Am 06.04.2022 um 15:34 schrieb Hannes Tschofenig : > > Authors, > > as part of the shepherd write-up, all authors of draft-ietf-oauth-rar must > confirm > that any and all appropriate IPR disclosures required for full

[OAUTH-WG] IPR Disclosures - OAuth 2.0 Rich Authorization Requests

Authors, as part of the shepherd write-up, all authors of draft-ietf-oauth-rar must confirm that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. Please, reply to this email on the mailing list and indicate

Re: [OAUTH-WG] Listing OAuth Access Token Metadata

For the listing of all the user's toke, there isn't a standard for that. Additionally these should still be OAuth flow generated tokens via that third party. OAuth tokens are for clients on behalf of users, your use case directly matches with the expectation of OAuth. Lastly, if you want to add