>> List of open issues:
>>
>> * Consensus for new Client Registration section (2)
>> * Consensus for revised Redirection URI section (3.1.2)
>> * Consensus for new token endpoint Client Authentication section (3.2.1)
>> * Consensus for new authorization endpoint response type extensibility (8.4)

These issues have been open for almost a week -- they're issues 15
thru 18 in the tracker:
   http://trac.tools.ietf.org/wg/oauth/trac/report/1

There's already text in draft-ietf-oauth-v2-18 for them, marked as
"pending consensus", so we have only to confirm that the text is
acceptable to the working group.  There's been no discussion of that
text that I've seen, and I take that to mean that what's there looks
good.

We'll give it another few days, and take silence to mean assent.  In
other words, if anyone has problems with the "pending consensus" text,
please start a new thread about it, and put the issue number in the
subject line ("Subject: Issue 15, new client registration", for
example).  Barring objections by this coming Tuesday afternoon (19
July), I will close issues 15 thru 18.

As soon as we get resolutions for issues 19 thru 21, we'd like to
start working group last call on draft-ietf-oauth-v2.  So let's get
all the issues sorted out as soon as we can, and move this document
ahead.

Issues 19 thru 21:
> * Missing example from security section 10.4 Refresh Tokens
> * Missing reference to DOM variable example in section 10.12 Cross-Site
>   Request Forgery
> * Need editing for 10.13 Clickjacking to better align with the protocol 
> terminology,
>   missing reference for x-frame-options header

Barry, as chair
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to