Hi Roman, We are unable to verify this erratum that the submitter marked as editorial. Please note that we have changed the “Type” of the following errata report to “Technical”. As Stream Approver, please review and set the Status and Type accordingly (see the definitions at https://www.rfc-editor.org/errata-definitions/).
Note that this errata report has two parts. One part states that "example.com should be client.example.com”. This is a duplicate of EID 4819, which is still in Reported state (see https://www.rfc-editor.org/errata/eid4819). Keep this in mind during your review. You may review the report at: https://www.rfc-editor.org/errata/eid7716 Please see https://www.rfc-editor.org/how-to-verify/ for further information on how to verify errata reports. Further information on errata can be found at: https://www.rfc-editor.org/errata.php Thank you. RFC Editor/rv > On Nov 29, 2023, at 8:56 AM, RFC Errata System <[email protected]> > wrote: > > The following errata report has been submitted for RFC6749, > "The OAuth 2.0 Authorization Framework". > > -------------------------------------- > You may review the report below and at: > https://www.rfc-editor.org/errata/eid7716 > > -------------------------------------- > Type: Editorial > Reported by: Alex Wilson <[email protected]> > > Section: 4.2.2 > > Original Text > ------------- > For example, the authorization server redirects the user-agent by > sending the following HTTP response (with extra line breaks for > display purposes only): > > HTTP/1.1 302 Found > Location: http://example.com/cb#access_token=2YotnFZFEjr1zCsicMWpAA > &state=xyz&token_type=example&expires_in=3600 > > > Corrected Text > -------------- > For example, the authorization server redirects the user-agent by > sending the following HTTP response (with extra line breaks for > display purposes only): > > HTTP/1.1 302 Found > Location: http://client.example.com/cb?access_token=2YotnFZFEjr1zCsicMWpAA > &state=xyz&token_type=example&expires_in=3600 > > > Notes > ----- > - Host example.com should be client.example.com to be consistent with other > examples. > - A hash is used for the query parameters when a question mark should have > been used. > > Instructions: > ------------- > This erratum is currently posted as "Reported". (If it is spam, it > will be removed shortly by the RFC Production Center.) Please > use "Reply All" to discuss whether it should be verified or > rejected. When a decision is reached, the verifying party > will log in to change the status and edit the report, if necessary. > > -------------------------------------- > RFC6749 (draft-ietf-oauth-v2-31) > -------------------------------------- > Title : The OAuth 2.0 Authorization Framework > Publication Date : October 2012 > Author(s) : D. Hardt, Ed. > Category : PROPOSED STANDARD > Source : Web Authorization Protocol > Area : Security > Stream : IETF > Verifying Party : IESG > _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
