Re: [OAUTH-WG] Your opinion about draft-ideskog-assisted-token

2021-02-20 Thread Travis Spencer
On Fri, Feb 19, 2021 at 10:09 PM Brian Campbell wrote:
> Publishing an independent stream RFC that runs contrary to the BCP
> coming out of the WG does seem potentially harmful.
>
> On Mon, Feb 15, 2021 at 11:59 AM RFC ISE (Adrian Farrel)
> wrote:
>> I want to be sure that ... there is no

Re: [OAUTH-WG] Token Mediating and session Information Backend For Frontend (TMI BFF)

2021-02-20 Thread Neil Madden
I was mentioning it primarily as another example of the assumption that GET requests are safe. However, the draft rfc6265bis [1] does seem concerned about this, and mentions as a possible attack vector. This would again potentially pull the access token into the renderer’s memory space (until

Re: [OAUTH-WG] Secdir last call review of draft-ietf-oauth-access-token-jwt-11

2021-02-20 Thread Vittorio Bertocci
Thank you Joseph for your comments!
> 1. (Editorial) What is the relationship between this document and RFC 7523.
> They are using JWT for different purposes, but I think it would be useful to
> clarify this in the introduction.
Good point, I agree it would be good to preempt doubts on

Re: [OAUTH-WG] Genart last call review of draft-ietf-oauth-access-token-jwt-11

2021-02-20 Thread Vittorio Bertocci
Thank you Roni, Great catch! I made those two client_id values consistent, the change will appear in 12. Thanks V.

On 2/7/21, 01:28, "Roni Even via Datatracker" wrote:
Reviewer: Roni Even
Review result: Ready with Nits
I am the assigned Gen-ART reviewer for this draft. The