[OAUTH-WG] I-D Action: draft-ietf-oauth-status-list-01.txt

[internet-drafts]

Internet-Draft draft-ietf-oauth-status-list-01.txt is now available. It is a
work item of the Web Authorization Protocol (OAUTH) WG of the IETF.

   Title:   Token Status List
   Authors: Tobias Looker
Paul Bastian
Christian Bormann
   Name:draft-ietf-oauth-status-list-01.txt
   Pages:   25
   Dates:   2024-02-05

Abstract:

   This specification defines status list data structures for
   representing the status of JSON Web Tokens (JWTs) [RFC7519] and CBOR
   Web Tokens (CWTs) [RFC8392].  The status list data structures
   themselves are also represented as JWTs or CWTs.

The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-status-list/

There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-oauth-status-list-01.html

A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-oauth-status-list-01

Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts


___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Re: [OAUTH-WG] Weekly github digest (OAuth Activity Summary)

[Aaron Parecki]

Happy Monday! I just added several OAuth GitHub repos to the IETF tools
that send out this weekly digest about activity on GitHub. I hope this
helps everyone become more aware of the activity in the group. If you have
an adopted draft on GitHub that isn't part of this list, get in touch with
me and we can get it added too. Thanks!

Aaron


On Sat, Feb 3, 2024 at 11:40 PM Repository Activity Summary Bot
 wrote:

> Sunday February 04, 2024
>
> Events without label "editorial"
> Issues oauth-wg/oauth-identity-chaining (+0/-4/5)
>
> 5 issues received 5 new comments:
>
>- #69 Add Aaron Parecki to acknowledgements section
> (1 by
>bc-pi)
>- #67 Change spec name to focus on Authz
> (1 by
>bc-pi)
>- #61 authorization grant type can't be the same as the issued token
>type 
>(1 by bc-pi)
>- #60 example response missing issued_token_type
> (1 by
>bc-pi)
>- #45 Consider limiting token formats to JWT
> (1 by
>bc-pi)
>
> 4 issues closed:
>
>- #69 Add Aaron Parecki to acknowledgements section
>
>- #61 authorization grant type can't be the same as the issued token
>type 
>- #60 example response missing issued_token_type
>
>- #45 Consider limiting token formats to JWT
>
>
> oauth-wg/oauth-transaction-tokens (+2/-11/22)
>
> 2 issues created:
>
>- #69 Do we still need replacement transaction tokens.
> (by
>PieterKas)
>- #66 Trust domain/audience claim format URI or StringOrUri?
> (by
>obfuscoder)
>
> 9 issues received 22 new comments:
>
>- #69 Do we still need replacement transaction tokens.
> (1 by
>PieterKas)
>- #63 audience REQUIRED for just one trust domain?
> (4 by
>gffletch, obfuscoder, tulshi)
>- #62 Long-living Access Token needed for internal batch
>processes/offline tasks?
> (4 by
>gffletch, obfuscoder, tulshi)
>- #58 Authorization details presentation and processing
> (1 by
>tulshi) PR57
>- #56 RFC 9493 and sub_id formats
> (3 by
>obfuscoder, tulshi) PR57
>- #53 Transaction Tokens for S2S calls
> (5 by
>dteleguin, obfuscoder, tulshi)
>- #52 Should the azd claim be mandatory or optional
> (1 by
>tulshi) pre-adoption
>- #35 How do internal services authorize the Transaction Tokens?
> (2 by
>obfuscoder, tulshi)
>- #21 Txt token Header
> (1 by
>obfuscoder)
>
> 11 issues closed:
>
>- #66 Trust domain/audience claim format URI or StringOrUri?
>
>- #63 audience REQUIRED for just one trust domain?
>
>- #48 "sender constrained" language needs improvement
>
>- #21 Txt token Header
>
>- #35 How do internal services authorize the Transaction Tokens?
>
>- #56 RFC 9493 and sub_id formats
> PR57
>- #52 Should the azd claim be mandatory or optional
>
>pre-adoption
>- #58 Authorization details presentation and processing
> PR57
>- #60 Use of `actor_token` and `actor_token_type`
> PR57
>- #61 How is the `purp` claim of the Txn-Token defined?
> PR57