1. Figure 4 needs to be updated as it no longer matches Figure 3. 2. In section 8.2 - Should he error usage location match any of the current values in the table. Possibly "authorization server response"
3. In section 8.3 - Is/Should there be a requirement that the error also be registered in an OAuth registry? If so then this needs to be part of the expert reviewer instructions on this registry. 4. In section 8.4 - Is there a reason to require a specification for this registry? Should it be sufficient to have somebody request that a mapping be registered and the DE approves it? The previous comment would apply to all of the mapping registries that are just mappings. 5. In section 8.5 - You are missing two fields of the registration template. Specifically should the expiration time field be noted in the "Additional Token Endpoint Response Parameters" column. 6. In section 8.9 - see comments of section 8.3 and 8.4 7. In section 8.11 - see comments of section 8.3 and 8.4 8. This document has an IPR disclosure on it. If anybody has any problems with the current disclosure then they need to speak up now. Jim _______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
