A few editorial points about references:
- the draft is referencing an old draft of the bearer token spec (-04),
rather than the current version (-06),
- the draft is referencing an old draft of the SAML bearer spec (-03),
rather than the current version (-04),
- the draft is not referencing the assertions spec
draft-ietf-oauth-assertions-00, which would make sense in Section 4.5
(Extensions)
Also, the example in 4.5 should be updated to match the current SAML bearer
spec:
grant_type=http%3A%2F%2Foauth.net%2Fgrant_type%2Fsaml%2F2.0%2F
bearer&assertion=PEFzc2VydGlvbiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDUtM
[...omitted for brevity...]V0aG5TdGF0ZW1lbnQ-PC9Bc3NlcnRpb24-
Thanks,
-- Mike
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of Eran
Hammer-Lahav
Sent: Monday, July 25, 2011 1:07 AM
To: OAuth WG
Subject: [OAUTH-WG] Draft -19
Draft 19 includes all the feedback received for -18:
* Closes issues 15-19
* Moved client profiles to section 2.1 from 10
* New text for 'Code Injection and Input Validation'
* A few minor editorial clarifications
There are two open issues (20, 21) which are minor editorial requests, and the
request being discussed on the list to change the public/private client type
terminology to something else.
I consider draft -19 to be ready for WGLC immediately.
Thanks,
EHL
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
