Thanks Takahiko, mentioning it on the list is enough. I've fixed it in the editors' draft https://github.com/ietf-oauth-mtls/i-d/commit/c6725e30dd1dc2f77aa293bce7fd1849713ed406
On Mon, Jun 12, 2017 at 5:33 AM, Takahiko Kawasaki <[email protected]> wrote: > Hello, > > I'm sorry for this FAQ but where can I make comments for the draft of > "Mutual TLS Profiles for OAuth Clients"? > > I found a trivial editorial issue in the last paragraph in "3. Mutual TLS > Sender Constrained Resources Access". The second 'that' in "... verify that > the that certificate matches ..." should be removed (= that part should be > "... verify that the certificate matches ..."). Is it enough to mention it > in this mailing list like this? > > Best Regards, > Takahiko Kawasaki > > 2017-05-27 5:34 GMT+09:00 Brian Campbell <[email protected]>: > >> A new draft of "Mutual TLS Profiles for OAuth Clients" has been published. >> The changes from the previous version are summarized below. >> >> >> draft-ietf-oauth-mtls-01 >> <https://datatracker.ietf.org/doc/html/draft-ietf-oauth-mtls-01> >> >> o Added more explicit details of using RFC 7662 >> <https://datatracker.ietf.org/doc/html/rfc7662> token introspection >> with mutual TLS sender constrained access tokens. >> o Added an IANA OAuth Token Introspection Response Registration >> request for "cnf". >> o Specify that tls_client_auth_subject_dn and >> tls_client_auth_root_dn are RFC 4514 >> <https://datatracker.ietf.org/doc/html/rfc4514> String Representation of >> Distinguished Names. >> o Changed tls_client_auth_issuer_dn to tls_client_auth_root_dn. >> o Changed the text in the Section 3 >> <https://datatracker.ietf.org/doc/html/draft-ietf-oauth-mtls-01#section-3> >> to not be specific about using a >> hash of the cert. >> o Changed the abbreviated title to 'OAuth Mutual TLS' (previously >> was the acronym MTLSPOC). >> >> >> >> >> ---------- Forwarded message ---------- >> From: <[email protected]> >> Date: Fri, May 26, 2017 at 2:26 PM >> Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-mtls-01.txt >> To: [email protected] >> Cc: [email protected] >> >> >> >> A New Internet-Draft is available from the on-line Internet-Drafts >> directories. >> This draft is a work item of the Web Authorization Protocol of the IETF. >> >> Title : Mutual TLS Profiles for OAuth Clients >> Authors : Brian Campbell >> John Bradley >> Nat Sakimura >> Torsten Lodderstedt >> Filename : draft-ietf-oauth-mtls-01.txt >> Pages : 12 >> Date : 2017-05-26 >> >> Abstract: >> This document describes Transport Layer Security (TLS) mutual >> authentication using X.509 certificates as a mechanism for both OAuth >> client authentication to the token endpoint as well as for sender >> constrained access to OAuth protected resources. >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-ietf-oauth-mtls/ >> >> There are also htmlized versions available at: >> https://tools.ietf.org/html/draft-ietf-oauth-mtls-01 >> https://datatracker.ietf.org/doc/html/draft-ietf-oauth-mtls-01 >> >> A diff from the previous version is available at: >> https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-mtls-01 >> >> >> Please note that it may take a couple of minutes from the time of >> submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> _______________________________________________ >> OAuth mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/oauth >> >> >> _______________________________________________ >> OAuth mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/oauth >> >> > -- *CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.*
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
