A New Internet-Draft is available from the on-line Internet-Drafts
directories. This Internet-Draft is a work item of the Web Authorization
Protocol (OAUTH) WG of the IETF.
Title : OAuth 2.0 Step-up Authentication Challenge Protocol
Authors : Vittorio Bertocci
Thanks Mark. And thank you again for your review, which will improve the
document. We'll we merge the and publish an updated draft soon
incorporating your suggestions.
On Wed, Apr 5, 2023 at 5:44 PM Mark Nottingham wrote:
> Thanks -- that looks good.
>
> Cheers,
>
>
> On 6 Apr 2023, at 5:31
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
And that PR is here
https://github.com/oauth-wg/oauth-step-up-authn-challenge/pull/3/files
On Wed, Apr 5, 2023 at 10:59 AM Brian Campbell
wrote:
> Thank you for the review Mark. I've replied inline below with some context
> or explanation as best I can. And I'll put together a PR with
I also approve this request.
-- Mike
From: John Bradley
Sent: Wednesday, April 5, 2023 11:13 AM
To: dick.ha...@gmail.com
Cc: drafts-expert-review-comm...@iana.org; oauth-ext-rev...@ietf.org; Mike
Jones ; n...@sakimura.org;
I approve the request. Sent from my iPhoneOn Apr 5, 2023, at 1:59 PM, Dick Hardt wrote:I approve this request. On Wed, Apr 5, 2023 at 8:47 AM David Dong via RT wrote:Dear Michael, Nat, John and Dick (cc: oauth WG / review mailing list),
As the designated
I approve this request.
On Wed, Apr 5, 2023 at 8:47 AM David Dong via RT <
drafts-expert-review-comm...@iana.org> wrote:
> Dear Michael, Nat, John and Dick (cc: oauth WG / review mailing list),
>
> As the designated experts for the OAuth Authorization Server Metadata
> registry, can you review
Thank you for the review Mark. I've replied inline below with some context
or explanation as best I can. And I'll put together a PR with corresponding
changes/clarifications.
On Tue, Apr 4, 2023 at 11:18 PM Mark Nottingham via Datatracker <
nore...@ietf.org> wrote:
> Reviewer: Mark Nottingham
>
Hi Mark, thanks for the review.
On the terminology nits, I wanted to add some context.
"Resource server" is a term used throughout the OAuth specs, defined in
RFC6749. The term "resource" is used to distinguish the resource server
from the authorization server. It would be incredibly confusing
Dear Michael, Nat, John and Dick (cc: oauth WG / review mailing list),
As the designated experts for the OAuth Authorization Server Metadata registry,
can you review the proposed registration in draft-ietf-oauth-dpop for us?
Please see:
https://datatracker.ietf.org/doc/draft-ietf-oauth-dpop/
Hi Amanda,
I reviewed the request and I approve it.
Thanks for the work.
Ciao
Hannes
Am 05.04.2023 um 13:04 schrieb Amanda Baber via RT:
Hi Hannes,
Have you had a chance to review the OAuth Extensions Error registration in this
document? It's on next week's telechat agenda.
I'm trying to catch Justin's attention with that subject header :-)
This is more just for historical purposes. The desktop AOL client was
basically a rendering engine of a binary protocol called FDO (two versions
88 and 91). This protocol supported both markup and scripting optimized for
transfer
Hi Hannes,
Have you had a chance to review the OAuth Extensions Error registration in this
document? It's on next week's telechat agenda.
https://datatracker.ietf.org/doc/draft-ietf-oauth-step-up-authn-challenge/
thanks,
Amanda Baber
IANA Operations Manager
On Tue Mar 28 16:21:32 2023,
https://www.ietf.org/archive/id/draft-ietf-oauth-v2-1-08.html#name-countermeasures-2
says
> To prevent injection of authorization codes into the client, using
> code_challenge and code_verifier is REQUIRED for clients, and authorization
> servers MUST enforce their use unless both of the
14 matches
Mail list logo