I didn't have the reference offhand during the meeting today but https://tools.ietf.org/html/rfc6973 looks to be a good source of considerations for writing privacy considerations. As I mentioned, I've written a number of such sections. Though these probably shouldn't be considered exemplary they were published: https://tools.ietf.org/html/rfc8707#section-4, https://tools.ietf.org/html/rfc8705#section-8https://tools.ietf.org/html/rfc8693#section-6 <https://tools.ietf.org/html/rfc8693#section-6>, https://tools.ietf.org/html/rfc7523#section-7, https://tools.ietf.org/html/rfc7522#section-7, and https://tools.ietf.org/html/rfc7521#section-8.4.
<https://tools.ietf.org/html/rfc7521#section-8.4> I think including a pragmatic Privacy Considerations section in the OAuth 2.1 draft could be worthwhile. On Mon, Aug 10, 2020 at 10:42 AM Dick Hardt <dick.ha...@gmail.com> wrote: > In the PAR meeting today, Denis requested there be a privacy > considerations section in PAR. I don't think there is anything specific in > PAR that would change the privacy considerations of OAuth, and am checking > if there is WG interest, and consensus, on including a Privacy > Considerations section in the OAuth 2.1 draft. > > /Dick > ᐧ > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > -- _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
