>
>>
>
> The main problem is lack of authors/editors to put the work in, not lack of
> ideas. I still hope to get the discovery spec finished in the same timeframe,
> but have no plans to author or edit any other draft.
Just to get this clear. Do you plan to author the discovery spec? And what is
the core spec's timeframe?
regards,
Torsten.
>
>> What about the following topics?
>> - security considerations
>
> That's part of core and someone has to write it. I'd like to see someone take
> the security section from RFC 5849 and rework it to match 2.0, as well as add
> everything that is missing. I will incorporate it and take care of the
> editorial work but I am not writing it from scratch.
>
>> - token revocation (requested by several attendees during Maastricht WG
>> meeting)
>
> Someone needs to write a proposal and work to get WG consensus (to the point
> where enough people say they like it and no one is objecting). Get it there,
> I'll do the rest. Feel free to ask the chairs to help out.
>
>> - signatures
>
> I think Nat offered to take a stab at a first draft based on Dirk's work and
> the WG discussions. I have offered to help with editorial work if requested.
>
> EHL
>
>> regards,
>> Torsten.
>>
>>
>> Am 02.08.2010 um 22:33 schrieb Eran Hammer-Lahav
>> <e...@hueniverse.com>:
>> General discussions on the list and during the interim meeting.
>>
>> EHL
>>
>>
>> -----Original Message-----
>> From: Torsten Lodderstedt [mailto:tors...@lodderstedt.net]
>> Sent: Monday, August 02, 2010 1:20 PM
>> To: Eran Hammer-Lahav
>> Cc: OAuth WG (oauth@ietf.org)
>> Subject: Re: [OAUTH-WG] Extensibility: new endpoints
>>
>> What consensus do you refer to? The WG charter?
>>
>> regards,
>> Torsten.
>>
>> Am 02.08.2010 22:18, schrieb Eran Hammer-Lahav:
>> No according to WG consensus. We took it all out because too many people
>> considered it experimental, so while it may be a WG item, it is not part of
>> the
>> core spes.
>>
>> EHL
>>
>>
>> -----Original Message-----
>> From: Torsten Lodderstedt [mailto:tors...@lodderstedt.net]
>> Sent: Monday, August 02, 2010 1:07 PM
>> To: Eran Hammer-Lahav
>> Cc: OAuth WG (oauth@ietf.org)
>> Subject: Re: [OAUTH-WG] Extensibility: new endpoints
>>
>> and discovery does not belong into the core?
>>
>> regards,
>> Torsten.
>>
>> Am 02.08.2010 22:05, schrieb Eran Hammer-Lahav:
>>
>> This doesn't belong in core. A registry is used to avoid name collisions, not
>>
>> to provide an inventory.
>>
>> Maybe in discovery.
>>
>> EHL
>>
>>
>>
>> -----Original Message-----
>> From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
>> Of Torsten Lodderstedt
>> Sent: Monday, August 02, 2010 12:54 PM
>> To: OAuth WG (oauth@ietf.org)
>> Subject: [OAUTH-WG] Extensibility: new endpoints
>>
>> the existing authorization server endpoints (end-user authorization and
>> tokens endpoint) have a relatively clearly semantics and scope.
>> Adding distinct new functions to an authorization server will (in my
>> opionion) require the definition of new endpoints. For example, I'm working
>> on an I-D for token revocation. Such a function does not fit into the tokens
>> endpoint since it has become a "token issuance endpoint" rather than a
>> general purpose client2server endpoint.
>>
>> I therefore would propose to include the option to define and register new
>> endpoints into the Extensibility section of the spec.
>> This would also facilitate the incorporation of additional endpoints (with
>> well-
>> defined names) into OAuth discovery.
>>
>> Any thoughts?
>>
>> regards,
>> Torsten.
>>
>>
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>>
>>
>>
>
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
