<chair hat> Hi all,
Hannes and I have discussed the results of the WG meeting, and while there was a lot of good discussion that happened, it seems like the next step for the WG is to buckle down and produce a stable draft that incorporates all the various proposals, in particular WRAP and OAuth 1.0a. David has done an excellent job with his draft, and I'd like to see us follow through on that work quickly and effectively to offer the various organizations who are looking to ship interoperable solutions something to base their work on. To that end, we'd like to see Eran take up the editing work over the next week. That work should be premised on re-incorporating the features from WRAP that were removed in David's great start at a unified spec. Dick's contributions have been invaluable towards reconciling the gap between HMAC-based approaches and expiring bearer token approaches, and we'd like to see that work be properly credited and evaluated along with all of the other aspects of OAuth 1.0a and WRAP. Our hope is that soon, certainly well before the next OAuth WG meeting (virtual or otherwise), we'll have a new RFC-style document that satisfies the needs of everyone in the community. Blaine and Hannes. </chair hat> _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
