On Wed, Dec 7, 2022 at 1:07 AM Aaron Parecki <aaron= 40parecki....@dmarc.ietf.org> wrote:
> Hi all, > > I just published a revised version of OAuth for Browser-Based Apps based > on the feedback and discussion at IETF 115 London! > > https://www.ietf.org/archive/id/draft-ietf-oauth-browser-based-apps-12.html > > The primary changes are: > > * Rephrased the architecture patterns to focus on token acquisition > Terminology-wise, the phrasing "code executed in the DOM" is not correct: the DOM is an API for manipulating the document. This should rather be "code executed in a browsing context" or possibly "code executed in a document context" (or just "in a document"?), as opposed to a "worker context" or service worker. Anyway, thanks for that work. I'm only using the drafts as reference in architecture discussions and am looking forward to this turning into an RFC. -- Thomas Broyer /tɔ.ma.bʁwa.je/ <http://xn--nna.ma.xn--bwa-xxb.je/>
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
