Draft -04 of the Authentication Method Reference Values specification addresses comments by our security area director Kathleen Moriarty. Changes were:
· Added “amr” claim examples with both single and multiple values. · Clarified that the actual credentials referenced are not part of this specification to avoid additional privacy concerns for biometric data. · Clarified that the OAuth 2.0 Threat Model [RFC6819] applies to applications using this specification. The specification is available at: · http://tools.ietf.org/html/draft-ietf-oauth-amr-values-04 An HTML-formatted version is also available at: · http://self-issued.info/docs/draft-ietf-oauth-amr-values-04.html -- Mike P.S. This notice was also posted at http://self-issued.info/?p=1617 and as @selfissued<https://twitter.com/selfissued>.
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
