Sorry for the late reply. For the PoP architecture document we initiated the WGLC last year and a new document has to be submitted to address those comments. I believe then it is ready for the IESG.
The WGLC for the draft-ietf-oauth-proof-of-possession-00 should be started next. Maybe already this week since we are doing OK with some of our other documents. The weakest part of the story at the moment is the draft-ietf-oauth-signed-http-request-00 document. For this we obviously need input from the group. On 02/14/2015 12:40 PM, Security Developer wrote: > Hi, > > I have a couple of questions. > > 1- What is the status of these documents as I am interested in > implementing POP > > draft-ietf-oauth-pop-architecture-00.pdf > draft-ietf-oauth-pop-key-distribution-00.pdf > draft-ietf-oauth-proof-of-possession-00.pdf > draft-ietf-oauth-signed-http-request-00.pdf > > 2- Should Authorization server restrict the number of authorization > codes issued to a single user after successful authentication and > authorization in OAuth? also What is the good practice in this case? > > Thanks for your time. > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
