Hello, I just finished my review of http://datatracker.ietf.org/doc/draft-ietf-oauth-saml2-bearer. The draft looks great, thank you for all of your efforts on it!
I did notice that there were no privacy considerations pointing back to RFC6973, could that text be added? The draft came after the Oauth framework publication (refernced in the security considerations), so I am guessing that is why this was missed as there are privacy considerations in the oauth assertion draft (I competed that review as well and the draft looked great. I don't have any comments to add prior to progressing the draft). Thank you. -- Best regards, Kathleen
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
