FWIW, I did align the capitalization in the title, "Token Mediating and
session Information Backend For Frontend" to match the accrom. Somewhat
weak justification, I know, but I was going for the branding effect with
something memorable and (hopefully) funny.
On Tue, May 4, 2021 at 9:03 AM Aaron
Rifaat Shekh-Yusef, a chair of the oauth working group, indicated that the
oauth working group does not plan to hold a session at IETF 111.
This message was generated and sent by the IETF Meeting Session Request Tool.
___
OAuth mailing list
Hi Neil,
I'm not sure - maybe others can chime in here as well - if a discussion
relating to an expired previous draft is something one would expect in
the spec.
For the record, the client_id does not provide any additional security.
The key to mitigating Mix-Up is that the "honest AS" ensures
I have also read it and it looks good to me. It might be worth explicitly
discussing how it relates to the older draft [1] (that we implemented at the
time). That older draft also included a client_id parameter in the response, so
it would be good to clarify if that is actually needed to
Hi all,
I reviewed the document and have no objections. I think we can move
forward with the next steps.
Best regards
Vladislav Mladenov
Am 09.05.21 um 12:11 schrieb Torsten Lodderstedt:
> Hi,
>
> I have read the document and have no concerns.
>
> As an editorial feedback, I would suggest to
Hi,
I read the document, have no concerns, and support it.
Christian
On 01.05.21 22:46, Rifaat Shekh-Yusef wrote:
All,
We have not seen any comments on this document.
Can you please review the document and provide feedback, or indicate that
you have reviewed the document and have no