So the new plan is for you to provide the text for the security section and just publish their work as a separate RFC as the same time?
EHL > -----Original Message----- > From: Hannes Tschofenig [mailto:hannes.tschofe...@gmx.net] > Sent: Sunday, March 27, 2011 12:58 AM > To: Eran Hammer-Lahav > Cc: Hannes Tschofenig; OAuth WG > Subject: Re: [OAUTH-WG] Authors, Contributors, Acknowledgement > > On the security aspect: I will write a short text for the OAuth draft because > the longer writeup by Torsten/Mar/Phil is targeting a different scope. So, you > cannot just copy it. > > On Mar 27, 2011, at 12:36 AM, Eran Hammer-Lahav wrote: > > > The security consideration section pending, this is the last open issue I > > have > to close as editor before the document is ready to leave the working group. > While this is silly business for many, it is very important to others, so bear > with me. I want to make sure we give everyone the proper recognition they > deserve. > > > > - Authors > > > > The document currently lists 1 editor (Eran Hammer-Lahav) and 2 authors > (David Recordon, Dick Hardt). The three names were originally selected to > reflect the compromise edited by David, combining the two document > (OAuth 1.0 RFC and WRAP I-D) edited by Dick and me. I am about to include a > large chuck of work written by Torsten Lodderstedt, Mark McGloin, and Phil > Hunt. > > > > This raises the question of who should receive top billing. These are the > options I came up with (listed without any preference): > > > > - Leave the three names as in -13. > > - Add the three additional names and obtain a special exception from the > IESG/AD (?) for listing more than 5 names (RFC rules). > > - List only the editor (IETF norm). > > - Some other criteria to show a different subset of names. > > > > Any of the above can be combined with moving the Contributors section to > the front (before the introduction) to give higher visibility to the > contributors. I honestly have no preference and given that my name is listed > as editor in the 3 alternatives, I will refrain from expressing an opinion. > > > > > > - Contributors > > > > The following is the new Contributors appendix: > > > > Appendix A. Contributors > > > > This specification is the work of the OAuth Working Group which > > includes dozens of active and dedicated participants. In particular, > > the following individuals contributed ideas, feedback, and wording > > which shaped and formed the final specification: > > > > Michael Adams, Andrew Arnott, Dirk Balfanz, Blaine Cook, Brian > > Campbell, Leah Culver, Bill de hOra, Brian Eaton, Brian Ellin, Igor > > Faynberg, George Fletcher, Tim Freeman, Evan Gilbert, Yaron Goland, > > Brent Goldman, Kristoffer Gronowski, Justin Hart, Craig Heath, Phil > > Hunt, Michael B. Jones, John Kemp, Mark Kent, Raffi Krikorian, Chasen > > Le Hara, Rasmus Lerdorf, Torsten Lodderstedt, Hui-Lan Lu, Paul > > Madsen, Alastair Mair, Eve Maler, James Manger, Laurence Miao, Chuck > > Mortimore, Justin Richer, Peter Saint-Andre, Nat Sakimura, Rob Sayre, > > Marius Scurtescu, Naitik Shah, Luke Shepard, Justin Smith, Jeremy > > Suriel, Christian Stuebner, Paul Tarjan, Allen Tom, Franklin Tse, > > Nick Walker, Skylar Woodward. > > > > The initial OAuth 2.0 protocol specification was edited by David > > Recordon, based on two previous publications: the OAuth 1.0 community > > specification [RFC5849], and OAuth WRAP (OAuth Web Resource > > Authorization Profiles) [I-D.draft-hardt-oauth-01]. > > > > The OAuth 1.0 community specification was edited by Eran Hammer- > Lahav > > and authored by Mark Atwood, Dirk Balfanz, Darren Bounds, Richard M. > > Conlan, Blaine Cook, Leah Culver, Breno de Medeiros, Brian Eaton, > > Kellan Elliott-McCrea, Larry Halff, Eran Hammer-Lahav, Ben Laurie, > > Chris Messina, John Panzer, Sam Quigley, David Recordon, Eran > > Sandler, Jonathan Sergent, Todd Sieling, Brian Slesinsky, and Andy > > Smith. > > > > The OAuth WRAP specification was edited by Dick Hardt and authored by > > Brian Eaton, Yaron Goland, Dick Hardt, and Allen Tom. > > > > The list of names was directly derived from my issues list from the past > year. During every document edit I kept track of the person providing the > feedback which resulted in a change. This means that those participating in > discussions but who did not directly have any impact on the document are > not named. This is the only reasonable criteria I was able to come up with. > > > > An alternative is to list anyone who posted anything to the mailing list > > since > the work began or to keep the list as-is and let the chairs hand-pick any > additional names they believe are justified. I don't have strong views, as > long > as the list is fair. > > > > > > > - Acknowledgement > > > > This section will start with 'The editor wishes to thank...' and is at my > discretion. > > > > EHL > > > > > > _______________________________________________ > > OAuth mailing list > > OAuth@ietf.org > > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
