[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Repository Activity Summary Bot Sun, 31 Aug 2025 00:44:15 -0700



Events without label "editorial"

Issues
------
* oauth-wg/oauth-identity-chaining (+1/-0/💬0)
 1 issues created:
 - WGLC (1 of ?): trust relationship reliazation (by bc-pi)

https://github.com/oauth-wg/oauth-identity-chaining/issues/169

* oauth-wg/oauth-transaction-tokens (+32/-0/💬4)
 32 issues created:
 - WGLC Editorial comments from Dan Moore (by PieterKas)

https://github.com/oauth-wg/oauth-transaction-tokens/issues/236 [WGLC Feedback]- Empty Type Parameter (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/235 [WGLC Feedback]- TTS Configuration (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/234 [WGLC Feedback]- Logical vs Physical TTS (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/233 [WGLC Feedback]- Need consistent normative language for txn claim (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/232 [WGLC Feedback]- Describe parameter use (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/231 [WGLC Feedback]- Clarify "JWT Representation" (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/230 [WGLC Feedback]- Consider "Authorization surface" (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/229 [WGLC Feedback]- Clarify claim usage (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/228 [WGLC Feedback]- Clarify Normative Language (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/227 [WGLC Feedback]- Clarify "determining" (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/226 [WGLC Feedback]- Define subject of transaction token (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/225 [WGLC Feedback]- Consistency with Section 2.2.1 (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/224- Clarify Example (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/223 [WGLC Feedback]- Should tctx field be a MUST (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/222 [WGLC Feedback]- Clarify difference between sub and req_wl (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/221 [WGLC Feedback]- Clarify aud claim (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/220 [WGLC Feedback]- WGLC Editorial Feedback from Joe Saloway (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/219 [WGLC Feedback]- Reference WIMSE WIT (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/218 [WGLC Feedback]- Transaction token Lifetime extension (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/217 [WGLC Feedback]- txn-ctx modification (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/216 [WGLC Feedback]- Request context validation (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/215 [WGLC Feedback]- Self signed JWT Validation (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/214 [WGLC Feedback]- Compare WIMSE arch doc terminology with Transaction token spec (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/213 [WGLC Feedback]- Create internally initiated example (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/212 [WGLC Feedback]- Extend life of transaction tokens (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/211 [WGLC Feedback]- Revise Normative Langugage (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/210 [WGLC Feedback]- Consider stronger normative language (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/209 [WGLC Feedback]- Expand on use case in section 2.2.1 (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/208 [WGLC Feedback]- Consider information disclosure as a benefit (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/207 [WGLC Feedback]- Relation of purpose to scope validated at API gateway (by obfuscoder)https://github.com/oauth-wg/oauth-transaction-tokens/issues/206- purpose containing multiple space-delimited strings (by obfuscoder)https://github.com/oauth-wg/oauth-transaction-tokens/issues/205

 4 issues received 4 new comments:
 - #197 Clarify request_details (1 by PieterKas)

https://github.com/oauth-wg/oauth-transaction-tokens/issues/197 [WGLC Feedback]- #194 Reconsider 'purp' claim scope (1 by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/194 [WGLC Feedback]- #193 Rationale for 'txn' being REQUIRED (1 by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/193 [WGLC Feedback]- #189 Allow Gateways to issue Tx-token to self without using RFC8693 (1 by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/189 [WGLC Feedback]

* oauth-wg/oauth-sd-jwt-vc (+1/-1/💬13)
 1 issues created:
 - Remove Type Metadata Glue Documents (by bc-pi)

https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/334

 5 issues received 13 new comments:
 - #334 Remove Type Metadata Glue Documents (5 by adeinega, awoie, babisRoutis, 
bc-pi)

https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/334- #333 mandate JWT when ietf status list is used (there is also cwt) (1 by bc-pi)https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/333 [HAS PR]- #331 Type Metadata documents in the unprotected header of the JWS (4 by adeinega, babisRoutis, bc-pi)https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/331- #320 Glue document to the protected header? (2 by bc-pi)https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/320- #315 Recommend against using the x5u parameter in JWK (1 by bc-pi)https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/315 [Ready-for-PR]

 1 issues closed:

- Glue document to the protected header? https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/320

* oauth-wg/draft-ietf-oauth-attestation-based-client-auth (+1/-0/💬0)
 1 issues created:
 - Feedback from mailing list (by c2bo)

https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/140



Pull requests
-------------
* oauth-wg/oauth-transaction-tokens (+1/-0/💬0)
 1 pull requests submitted:
 - Proposed change to definition of authorization context (by PieterKas)

https://github.com/oauth-wg/oauth-transaction-tokens/pull/237

* oauth-wg/oauth-sd-jwt-vc (+2/-0/💬8)
 2 pull requests submitted:
 - fix: add privacy concerns for cnf handling (by cre8)

https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/340- Status List Token has to be a JWT (by bc-pi)https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/339

 2 pull requests received 8 new comments:
 - #340 fix: add privacy concerns for cnf handling (3 by bc-pi, cre8)

https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/340- #336 Set vct:integrity to the list of attribute to not selectively disclosed (5 by babisRoutis, bc-pi, cre8)https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/336


Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1
* https://github.com/oauth-wg/draft-ietf-oauth-status-list
* https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth


--
To have a summary like this sent to your list, see: 
https://github.com/ietf-github-services/activity-summary

_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org

[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Reply via email to