Aaron, Torsten, and I -- with some help from Daniel -- have created a new version of draft-pareck-oauth-v2-1. I think we are ready for a WG adoption call (assuming the updated charter).
Here is the doc: https://tools.ietf.org/html/draft-parecki-oauth-v2-1-03 Here is a link to the diff from -02: https://tools.ietf.org/rfcdiff?url2=draft-parecki-oauth-v2-1-03.txt This version incorporates feedback from the WG, as well as editorial changes to improve readability. Highlights: - Appendix of current known extensions, and references to the Appendix so that readers become aware of related work. - defined new client type - credentialed clients - a client that has credentials, but the AS has not confirmed the identity of the client. Confidential clients have had their identity confirmed by the AS. We talked about changing the names of confidential and public, but thought that would be confusing. This new definition cleans up the text substantially. - consistent use of redirect URI rather than mixing in redirect endpoint URI and redirect endpoint. - adopted new language on when PKCE is required. - removed IANA section (nothing new is in 2.1) / Dick
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
