Early February I posted a mail to the list to make progress on the solution to the OAuth Authorization Server Mix-Up problem discovered late last year.
Here is my mail about the Authorization Server Mix-Up: http://www.ietf.org/mail-archive/web/oauth/current/msg15336.html Here is my mail to the list that tries to summarize the discussion status and asked a few questions: http://www.ietf.org/mail-archive/web/oauth/current/msg15697.html Unfortunately, my mail didn't lead to the intended success. While there was some feedback I wasn't getting the desired response. In order to move forward I believe we need a working group document that serves as a starting point for further work in the group*. We have two documents that provide similar functionality in an attempt to solve the Authorization Server Mix-Up problem. So, here is the question for the group. Which document do you want as a starting point for work on this topic: -- Option A: 'OAuth 2.0 Mix-Up Mitigation' by Mike Jones and John Bradley Link: https://tools.ietf.org/html/draft-jones-oauth-mix-up-mitigation-01 -- Option B: 'OAuth Response Metadata' by Nat Sakimura, Nov Matake and Sascha Preibisch Link: https://tools.ietf.org/html/draft-sakimura-oauth-meta-07 Deadline for feedback is March, 4th. Ciao Hannes & Derek PS: (*) Regardless of the selected solution we will provide proper acknowledgement for those who contributed to the work.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
