I haven’t read the document yet, but idnits did some reading for me:
** The document seems to lack a Security Considerations section.
** The abstract seems to contain references ([RFC7519]), which it
shouldn't. Please replace those with straight textual mentions of the
documents in question.
** Obsolete normative reference: RFC 7159 (Obsoleted by RFC 8259)
I’ll get to the content later…
Grüße, Carsten
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
