I also am confused by change like this when we are at WGLC. I was under the impression that once the WG finished last call, the IETF security mafia experts would be reviewing the spec -- so it is unclear what advantage this has for getting the spec finished.
On 2011-04-02, at 12:58 PM, David Recordon wrote: > I can't say I understand this change when we're so close to being finished. > > On Fri, Apr 1, 2011 at 12:25 AM, Peter Saint-Andre <stpe...@stpeter.im> wrote: >> As discussed in the WG session at Prague just now, in discussion with >> the Security Area Directors I have decided to move the OAuth Working >> Group from the Applications Area to the Security Area of the IETF. The >> rationale is that all of the most important work remaining for the WG to >> produce OAuth 2.0 is security-related. Moving the WG to the Security >> Area will enable us to receive all of the right security reviews as >> early as possible before submitting the base specification to the IESG. >> >> Stephen Farrell of the Security Area will be your new AD, and I will >> stay on as Applications Area advisor. >> >> Let's complete the important work of the OAuth WG and do the best we can >> to make HTTP-based authorization more secure. >> >> Peter >> >> -- >> Peter Saint-Andre >> https://stpeter.im/ >> >> >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> >> > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
