Hi all! I am reading through this document for the first time. I am mainly looking at it in comparison to OAuth 2.0 (RFC 6749) and with the eyes of a developer. I am trying to understand where phrases have changed and, of course, where features are changing.
What is the best way to provide feedback? In this mailing list? Thanks, Sascha On Mon, 6 Jul 2020 at 09:44, Dick Hardt <dick.ha...@gmail.com> wrote: > > Aaron, Torsten, and I -- with some help from Daniel -- have created a new > version of draft-pareck-oauth-v2-1. I think we are ready for a WG adoption > call (assuming the updated charter). > > Here is the doc: > > https://tools.ietf.org/html/draft-parecki-oauth-v2-1-03 > > Here is a link to the diff from -02: > > https://tools.ietf.org/rfcdiff?url2=draft-parecki-oauth-v2-1-03.txt > > This version incorporates feedback from the WG, as well as editorial changes > to improve readability. Highlights: > > - Appendix of current known extensions, and references to the Appendix so > that readers become aware of related work. > > - defined new client type - credentialed clients - a client that has > credentials, but the AS has not confirmed the identity of the client. > Confidential clients have had their identity confirmed by the AS. We talked > about changing the names of confidential and public, but thought that would > be confusing. This new definition cleans up the text substantially. > > - consistent use of redirect URI rather than mixing in redirect endpoint URI > and redirect endpoint. > > - adopted new language on when PKCE is required. > > - removed IANA section (nothing new is in 2.1) > > / Dick > > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
