Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-device-flow-05.txt

Mon, 13 Mar 2017 16:22:32 -0700 

FYI, I blogged about this at http://self-issued.info/?p=1657 and as 
@selfissued<https://twitter.com/selfissued>.

                                                                -- Mike

From: William Denniss [mailto:wdenn...@google.com]
Sent: Monday, March 13, 2017 11:44 AM
To: oauth@ietf.org; Justin Richer <jric...@mit.edu>; Brian Campbell 
<bcampb...@pingidentity.com>; Manger, James <james.h.man...@team.telstra.com>; 
Mike Jones <michael.jo...@microsoft.com>; Hannes Tschofenig 
<hannes.tschofe...@arm.com>; John Bradley <ve7...@ve7jtb.com>
Subject: Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-device-flow-05.txt

Version -05 addresses comments from the work group, includes normative changes:


   o  response_type parameter removed from authorization request.

   o  Added option for clients to include the user_code on the

      verification URI.

   o  Clarified token expiry, and other nits.


Thank you Roshni Chandrashekhar, Brian Campbell, James Manager, and Justin 
Richer for your valuable feedback. Thank you to my co-author Mike Jones for 
reviewing and correcting all changes that resulted, and for the quality pass on 
the doc.

On Mon, Mar 13, 2017 at 10:39 AM, 
<internet-dra...@ietf.org<mailto:internet-dra...@ietf.org>> wrote:

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol of the IETF.

        Title           : OAuth 2.0 Device Flow for Browserless and Input 
Constrained Devices
        Authors         : William Denniss
                          John Bradley
                          Michael B. Jones
                          Hannes Tschofenig
        Filename        : draft-ietf-oauth-device-flow-05.txt
        Pages           : 15
        Date            : 2017-03-13

Abstract:
   This OAuth 2.0 authorization flow for browserless and input
   constrained devices, often referred to as the device flow, enables
   OAuth clients to request user authorization from devices that have an
   Internet connection, but don't have an easy input method (such as a
   smart TV, media console, picture frame, or printer), or lack a
   suitable browser for a more traditional OAuth flow.  This
   authorization flow instructs the user to perform the authorization
   request on a secondary device, such as a smartphone.  There is no
   requirement for communication between the constrained device and the
   user's secondary device.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-device-flow/

There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ietf-oauth-device-flow-05

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-device-flow-05


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at 
tools.ietf.org<http://tools.ietf.org>.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
OAuth mailing list
OAuth@ietf.org<mailto:OAuth@ietf.org>
https://www.ietf.org/mailman/listinfo/oauth


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to