Hi,
I read the document, have no concerns, and support it.
Christian
On 01.05.21 22:46, Rifaat Shekh-Yusef wrote:
All,
We have not seen any comments on this document.
Can you please review the document and provide feedback, or indicate that
you have reviewed the document and have no concerns.
Hi all,
I reviewed the document and have no objections. I think we can move
forward with the next steps.
Best regards
Vladislav Mladenov
Am 09.05.21 um 12:11 schrieb Torsten Lodderstedt:
> Hi,
>
> I have read the document and have no concerns.
>
> As an editorial feedback, I would suggest to dr
I have also read it and it looks good to me. It might be worth explicitly
discussing how it relates to the older draft [1] (that we implemented at the
time). That older draft also included a client_id parameter in the response, so
it would be good to clarify if that is actually needed to prevent
Hi Neil,
I'm not sure - maybe others can chime in here as well - if a discussion
relating to an expired previous draft is something one would expect in
the spec.
For the record, the client_id does not provide any additional security.
The key to mitigating Mix-Up is that the "honest AS" ensures th
Rifaat Shekh-Yusef, a chair of the oauth working group, indicated that the
oauth working group does not plan to hold a session at IETF 111.
This message was generated and sent by the IETF Meeting Session Request Tool.
___
OAuth mailing list
OAuth@
FWIW, I did align the capitalization in the title, "Token Mediating and
session Information Backend For Frontend" to match the accrom. Somewhat
weak justification, I know, but I was going for the branding effect with
something memorable and (hopefully) funny.
On Tue, May 4, 2021 at 9:03 AM Aaron P