Hello, I reviewed draft-ietf-oauth-dyn-reg-management, which reads well and I just have a few questions and suggestions below that would be good to address prior to IETF last call.
Section 1.3 Bullet D might be easier to read as a list within the bullet. Section 2 This is something I don't recall offhand and may be in place in another draft, so a pointer would be great. Is there an MTI set for one of the recommended cipher suites in the TLS & DTLS BCP to ensure interoperability (but also allow for algorithm agility)? If not and there is a reason, please explain. See section 4: https://datatracker.ietf.org/doc/draft-ietf-uta-tls-bcp/ This is not the right draft to add this content, but I'd like to know if it is covered somewhere or doesn't need to be for some reason. TLS requirements should point to that draft (assuming one exists) so there is only one place to update if needed for any specific requirements to OAuth. IANA Considerations: The shepherd report says that there are no actions for IANA, so this needs to be updated as the draft is the specification required to add two new entries to an existing registry, established by the parent document. It does require DE review on the mailing list: [email protected] If that has been done, then a pointer to the archive would be helpful. Thank you. -- Best regards, Kathleen
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
