Issue 18 did raise some comments. The feedback was that the parameter value 
should be changed from a simple string to a space-delimited list of values. 5 
people expressed support with 2 (myself included) expressed concern about this 
change. I would be great if others would take 10 minutes to study it and join 
the conversation (the thread is 'defining new response types').

Issues 15-17 are not trivial changes and I would really like to see some 
comments about them, even if just of support.

EHL


> -----Original Message-----
> From: [email protected] [mailto:[email protected]] On Behalf
> Of Barry Leiba
> Sent: Friday, July 15, 2011 7:37 AM
> To: OAuth WG
> Subject: Re: [OAUTH-WG] draft-ietf-oauth-v2-18
> 
> >> List of open issues:
> >>
> >> * Consensus for new Client Registration section (2)
> >> * Consensus for revised Redirection URI section (3.1.2)
> >> * Consensus for new token endpoint Client Authentication section
> >> (3.2.1)
> >> * Consensus for new authorization endpoint response type
> >> extensibility (8.4)
> 
> These issues have been open for almost a week -- they're issues 15 thru 18 in
> the tracker:
>    http://trac.tools.ietf.org/wg/oauth/trac/report/1
> 
> There's already text in draft-ietf-oauth-v2-18 for them, marked as "pending
> consensus", so we have only to confirm that the text is acceptable to the
> working group.  There's been no discussion of that text that I've seen, and I
> take that to mean that what's there looks good.
> 
> We'll give it another few days, and take silence to mean assent.  In other
> words, if anyone has problems with the "pending consensus" text, please
> start a new thread about it, and put the issue number in the subject line
> ("Subject: Issue 15, new client registration", for example).  Barring 
> objections
> by this coming Tuesday afternoon (19 July), I will close issues 15 thru 18.
> 
> As soon as we get resolutions for issues 19 thru 21, we'd like to start 
> working
> group last call on draft-ietf-oauth-v2.  So let's get all the issues sorted 
> out as
> soon as we can, and move this document ahead.
> 
> Issues 19 thru 21:
> > * Missing example from security section 10.4 Refresh Tokens
> > * Missing reference to DOM variable example in section 10.12 Cross-Site
> >   Request Forgery
> > * Need editing for 10.13 Clickjacking to better align with the protocol
> terminology,
> >   missing reference for x-frame-options header
> 
> Barry, as chair
> _______________________________________________
> OAuth mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to