Re: [OAUTH-WG] tsv-dir review of draft-ietf-oauth-v2-23

2012-03-07 Thread Eran Hammer
; Martin Stiemerling; oauth@ietf.org; tsv-...@ietf.org Subject: Re: [OAUTH-WG] tsv-dir review of draft-ietf-oauth-v2-23 On 02/15/2012 04:33 AM, Songhaibin wrote: I've reviewed this document as part of the transport area directorate's ongoing effort to review key IETF documents

Re: [OAUTH-WG] tsv-dir review of draft-ietf-oauth-v2-23

2012-03-07 Thread Eran Hammer
Thanks Haibin. -Original Message- From: Songhaibin [mailto:haibin.s...@huawei.com] Sent: Wednesday, February 15, 2012 1:33 AM Nits: 1. Section 3.1, paragraph 4, the last sentence is confusing, is it the authorization server who sends the request to the authorization endpoint? Or

Re: [OAUTH-WG] tsv-dir review of draft-ietf-oauth-v2-23

2012-03-07 Thread Songhaibin
5. Section 10.6, paragraph 2, second sentence, When the attacker is sent to.../ When the authorization code request is sent to... Not sure what you mean. I mean you may have to change the attacker is sent to... to the authorization code is sent to BR, -Haibin -Original

Re: [OAUTH-WG] tsv-dir review of draft-ietf-oauth-v2-23

2012-03-07 Thread Songhaibin
...@tools.ietf.org; tsv-...@tools.ietf.org; tsv-...@ietf.org; oauth@ietf.org; Martin Stiemerling Subject: Re: [OAUTH-WG] tsv-dir review of draft-ietf-oauth-v2-23 -Original Message- From: Songhaibin [mailto:haibin.s...@huawei.com] Sent: Friday, February 17, 2012 12:53 AM To: Justin

Re: [OAUTH-WG] tsv-dir review of draft-ietf-oauth-v2-23

2012-03-07 Thread Eran Hammer
Should simple read the attacker's user-agent is sent to. EH -Original Message- From: Songhaibin [mailto:haibin.s...@huawei.com] Sent: Wednesday, March 07, 2012 6:11 PM To: Eran Hammer; tsv-...@tools.ietf.org; draft-ietf-oauth...@tools.ietf.org Cc: tsv-...@ietf.org; oauth@ietf.org;

Re: [OAUTH-WG] tsv-dir review of draft-ietf-oauth-v2-23

2012-02-17 Thread Songhaibin
; tsv-...@ietf.org Subject: Re: [OAUTH-WG] tsv-dir review of draft-ietf-oauth-v2-23 On 02/15/2012 04:33 AM, Songhaibin wrote: I've reviewed this document as part of the transport area directorate's ongoing effort to review key IETF documents. These comments were written primarily

[OAUTH-WG] tsv-dir review of draft-ietf-oauth-v2-23

2012-02-15 Thread Songhaibin
I've reviewed this document as part of the transport area directorate's ongoing effort to review key IETF documents. These comments were written primarily for the transport area directors, but are copied to the document's authors for their information and to allow them to address any issues

Re: [OAUTH-WG] tsv-dir review of draft-ietf-oauth-v2-23

2012-02-15 Thread Justin Richer
On 02/15/2012 04:33 AM, Songhaibin wrote: I've reviewed this document as part of the transport area directorate's ongoing effort to review key IETF documents. These comments were written primarily for the transport area directors, but are copied to the document's authors for their information