Thank you, Gorry, for the review and ballot position. We can definitely expand the abstract a bit with some text along the lines of your suggestion.
On Mon, May 25, 2026 at 4:48 PM Gorry Fairhurst via Datatracker < [email protected]> wrote: > Gorry Fairhurst has entered the following ballot position for > draft-ietf-oauth-identity-chaining-12: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to > https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ > for more information about how to handle DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-oauth-identity-chaining/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Thank you for the work that has been put into this document. I do not see > any > transport-protocol related concerns. > > However, I would have found it helpful to have read a more informative > abstract. > > I would expect this to explain that request information needs to be > preserved > when a request crosses one or more trust domains, known as "chaining", and > to > mention the combination of OAuth 2.0 Token Exchange and the JWT Profile for > OAuth 2.0 Client Authentication and Authorization Grants. Please consider > adding one or two more lines of text. > > Gorry > > > > -- _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
