Yes, this matches my understanding of the discussions at the Seoul meeting.
On 03/04/2017 07:10 PM, Torsten Lodderstedt wrote: > Hi Hannes, > > just for clarification: as far as I remember the proposal in Seoul was to > turn the document into a BCP. > > Is this consistent with your expectation? > > kind regards, > Torsten. > >> Am 20.02.2017 um 12:02 schrieb Hannes Tschofenig <hannes.tschofe...@gmx.net>: >> >> Hi all, >> >> earlier this month we issued a call for adoption of the OAuth security >> topics draft, see draft-lodderstedt-oauth-security-topics-00, and the >> response was quite positive on the list (as well as during the last f2f >> meeting). >> >> For this reason, we ask the authors to submit a WG version of the >> document and to discuss new content for the document in preparation for >> the next meeting. >> >> Note that the intention of the document is to discuss security topics as >> they relate to the work in the OAuth working group. As this initial >> document already does, it describes a problem statement and outlines >> various ways to mitigate the problems. I expect the working group to >> decide which solution approach is most appropriate and to detail it (at >> a specification level) in a separate document (some of those documents >> already exist in the working group). This should help us make decisions >> that are not just point solutions for specific problems but rather >> consider the big picture. >> >> Ciao >> Hannes & Derek >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
