WG,
A new -02 draft of "OAuth 2.0 Pushed Authorization Requests" has been
published. A summary of the changes, taken from the document history, is
included below for ease of reference.
-02
* Update Resource Indicators reference to the somewhat recently
published RFC 8707 <https://datatracker.ietf.org/doc/html/rfc8707>
* Added metadata in support of pushed authorization requests only
feature
* Update to comply with draft-ietf-oauth-jwsreq-21
<https://datatracker.ietf.org/doc/html/draft-ietf-oauth-jwsreq-21>,
which requires
"client_id" in the authorization request in addition to the
"request_uri"
* Clarified timing of request validation
* Add some guidance/options on the request URI structure
* Add the key used in the request object example so that a reader
could validate or recreate the request object signature
* Update to draft-ietf-oauth-jwsreq-25
<https://datatracker.ietf.org/doc/html/draft-ietf-oauth-jwsreq-25> and
added note regarding
"require_signed_request_object"
---------- Forwarded message ---------
From: <internet-dra...@ietf.org>
Date: Fri, Jul 10, 2020 at 1:21 PM
Subject: New Version Notification for draft-ietf-oauth-par-02.txt
To: Filip Skokan <panva...@gmail.com>, Torsten Lodderstedt <
tors...@lodderstedt.net>, Brian Campbell <bcampb...@pingidentity.com>, Dave
Tonge <d...@tonge.org>, Nat Sakimura <n...@sakimura.org>
A new version of I-D, draft-ietf-oauth-par-02.txt
has been successfully submitted by Brian Campbell and posted to the
IETF repository.
Name: draft-ietf-oauth-par
Revision: 02
Title: OAuth 2.0 Pushed Authorization Requests
Document date: 2020-07-10
Group: oauth
Pages: 18
URL:
https://www.ietf.org/internet-drafts/draft-ietf-oauth-par-02.txt
Status: https://datatracker.ietf.org/doc/draft-ietf-oauth-par/
Htmlized: https://tools.ietf.org/html/draft-ietf-oauth-par-02
Htmlized: https://datatracker.ietf.org/doc/html/draft-ietf-oauth-par
Diff: https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-par-02
Abstract:
This document defines the pushed authorization request endpoint,
which allows clients to push the payload of an OAuth 2.0
authorization request to the authorization server via a direct
request and provides them with a request URI that is used as
reference to the data in a subsequent authorization request.
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
The IETF Secretariat
--
_CONFIDENTIALITY NOTICE: This email may contain confidential and privileged
material for the sole use of the intended recipient(s). Any review, use,
distribution or disclosure by others is strictly prohibited. If you have
received this communication in error, please notify the sender immediately
by e-mail and delete the message and any file attachments from your
computer. Thank you._
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
