>> List of open issues: >> >> * Consensus for new Client Registration section (2) >> * Consensus for revised Redirection URI section (3.1.2) >> * Consensus for new token endpoint Client Authentication section (3.2.1) >> * Consensus for new authorization endpoint response type extensibility (8.4)
These issues have been open for almost a week -- they're issues 15 thru 18 in the tracker: http://trac.tools.ietf.org/wg/oauth/trac/report/1 There's already text in draft-ietf-oauth-v2-18 for them, marked as "pending consensus", so we have only to confirm that the text is acceptable to the working group. There's been no discussion of that text that I've seen, and I take that to mean that what's there looks good. We'll give it another few days, and take silence to mean assent. In other words, if anyone has problems with the "pending consensus" text, please start a new thread about it, and put the issue number in the subject line ("Subject: Issue 15, new client registration", for example). Barring objections by this coming Tuesday afternoon (19 July), I will close issues 15 thru 18. As soon as we get resolutions for issues 19 thru 21, we'd like to start working group last call on draft-ietf-oauth-v2. So let's get all the issues sorted out as soon as we can, and move this document ahead. Issues 19 thru 21: > * Missing example from security section 10.4 Refresh Tokens > * Missing reference to DOM variable example in section 10.12 Cross-Site > Request Forgery > * Need editing for 10.13 Clickjacking to better align with the protocol > terminology, > missing reference for x-frame-options header Barry, as chair _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
