... Which was just published as RFC 7009. Great work, everyone! -derek
Hannes Tschofenig <hannes.tschofe...@gmx.net> writes: > A big "Thank you" goes to Torsten for working hard to get the document > through the IETF process. > > On Jul 20, 2013, at 4:43 AM, The IESG wrote: > >> The IESG has approved the following document: >> - 'OAuth 2.0 Token Revocation' >> (draft-ietf-oauth-revocation-11.txt) as Proposed Standard >> >> This document is the product of the Web Authorization Protocol Working >> Group. >> >> The IESG contact persons are Stephen Farrell and Sean Turner. >> >> A URL of this Internet Draft is: >> http://datatracker.ietf.org/doc/draft-ietf-oauth-revocation/ >> >> >> >> >> Technical Summary >> >> The OAuth Token Revocation specification proposes an additional >> endpoint for OAuth authorization servers, which allows clients to >> notify the authorization server that a previously obtained refresh >> or access token is no longer needed. This allows the authorization >> server to cleanup security credentials. A revocation request will >> invalidate the actual token and, if applicable, other tokens based >> on the same authorization grant. >> >> Working Group Summary >> >> The document experienced no particular problems in the working >> group. >> >> Document Quality >> >> The document has been deployed by four companies, namely >> by Salesforce, Google, Deutsche Telekom, and MITRE. The >> working group reviewed and discussed the document extensively. >> >> There was a comment from the appsdir review that was not >> accepted. The reviewer (mnot) suggested a discovery >> mechanism was needed, but the wg are working on >> generic oauth discovery and not just for revocation and >> so decided not to make that change. >> >> Personnel >> >> Hannes Tschofenig is the document shepherd. >> The responsible area director is Stephen Farrell. >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > -- Derek Atkins 617-623-3745 de...@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
