The following errata report has been verified for RFC6749, "The OAuth 2.0 Authorization Framework".
-------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid5708 -------------------------------------- Status: Verified Type: Editorial Reported by: Brian Campbell <[email protected]> Date Reported: 2019-04-29 Verified by: Roman Danyliw (IESG) Section: 3.1 and 3.2 Original Text ------------- Parameters sent without a value MUST be treated as if they were omitted from the request. The authorization server MUST ignore unrecognized request parameters. Request and response parameters MUST NOT be included more than once. Corrected Text -------------- Parameters sent without a value MUST be treated as if they were omitted from the request. The authorization server MUST ignore unrecognized request parameters. Request and response parameters defined by this specification MUST NOT be included more than once. Notes ----- Adds the text "defined by this specification" to the last sentence to clarify that the restriction only applies to parameters defined in RFC 6749 and not to unrecognized parameters or parameters defined by extension. -------------------------------------- RFC6749 (draft-ietf-oauth-v2-31) -------------------------------------- Title : The OAuth 2.0 Authorization Framework Publication Date : October 2012 Author(s) : D. Hardt, Ed. Category : PROPOSED STANDARD Source : Web Authorization Protocol Area : Security Stream : IETF Verifying Party : IESG _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
