The new introduction text at
https://www.ietf.org/archive/id/draft-ietf-oauth-rfc7523bis-01.html#name-introduction
is intended to make this clear.
Thanks,
-- Mike
From: Watson Ladd <[email protected]>
Sent: Thursday, April 24, 2025 3:08 PM
To: Deb Cooley <[email protected]>
Cc: Brian Campbell <[email protected]>; IETF oauth WG
<[email protected]>
Subject: [OAUTH-WG] Re: Updates to RFC 7523
On Thu, Apr 24, 2025, 3:02 PM Deb Cooley
<[email protected]<mailto:[email protected]>> wrote:
So, I went back and looked at the OAUTH 122 meetings, and I was at that session
(in my defense it was on Friday and Ben will remember what that's like). So
apologies....
I will go back and re-look at the facts, and I do, in fact, have it as a topic
on the informal next week.
So in any case, it will be sorted by next Thursday. And once the wg thinks it
is ready to go, we can expedite on the IESG/RFC Editor end.
If the only thing we're doing is fixing this one security problem a few
editorial bits might want changing to make that clearer
Deb
On Thu, Apr 24, 2025 at 7:51 AM Deb Cooley
<[email protected]<mailto:[email protected]>> wrote:
I was at the OAUTH interim where this was discussed. I did feel like the
current course was more straightforward for those implementing. [if this was
discussed at 122, my memory fails me]
As a caution, I have added this issue to the next IESG informal meeting. I
will relay the result of that discussion here.
Deb
On Wed, Apr 23, 2025 at 3:31 PM Brian Campbell
<[email protected]<mailto:[email protected]>>
wrote:
I commented on, and approved, the PR but will say on-list here for posterity
that, even from a structural standpoint, I think that it'd be more
straightforward to build up from
https://datatracker.ietf.org/doc/html/draft-campbell-oauth-rfc7523redux
(acknowledging it's little more than an outline currently) rather than
reworking/working from the current
xml<https://github.com/oauth-wg/draft-ietf-oauth-rfc7523bis/blob/ae2bb070cd1624881ceffdafcaf631cabe54c57b/draft-ietf-oauth-rfc7523bis.xml>.
But to the extent things are moving in that direction, I'm good with it.
On Tue, Apr 22, 2025 at 1:04 PM Brian Campbell
<[email protected]<mailto:[email protected]>> wrote:
On Tue, Apr 22, 2025 at 1:01 PM Benjamin Kaduk
<[email protected]<mailto:[email protected]>> wrote:
I hope we don't end up with a "late surprise" later on.
Yeah, me too.
CONFIDENTIALITY NOTICE: This email may contain confidential and privileged
material for the sole use of the intended recipient(s). Any review, use,
distribution or disclosure by others is strictly prohibited. If you have
received this communication in error, please notify the sender immediately by
e-mail and delete the message and any file attachments from your computer.
Thank you._______________________________________________
OAuth mailing list -- [email protected]<mailto:[email protected]>
To unsubscribe send an email to
[email protected]<mailto:[email protected]>
_______________________________________________
OAuth mailing list -- [email protected]<mailto:[email protected]>
To unsubscribe send an email to
[email protected]<mailto:[email protected]>
_______________________________________________
OAuth mailing list -- [email protected]
To unsubscribe send an email to [email protected]
