All, Based on the responses on this thread, we declare the *Protected Resource Metadata* draft adopted as a WG document.
Authors, Feel free to submit a WG document at your convenience. Regards, Rifaat & Hannes On Mon, Aug 28, 2023 at 5:28 AM Takahiko Kawasaki <t...@authlete.com> wrote: > I support adoption. > > In the past, when considering the encryption of JWT access tokens, I > learned that the draft regarding the metadata of the resource server had > expired, which was disappointing. For an authorization server to encrypt an > access token with an asymmetric algorithm, it must obtain a public key of > the target resource server, but there was no standardized way. I'm glad to > see the specification has been revived. If it had been revived a bit > earlier, the addition that was made as "client" metadata in the "JWT > Response for OAuth Token Introspection" specification would likely have > been treated as metadata for the "resource server." > > Best Regards, > Takahiko Kawasaki > > > On Thu, Aug 24, 2023 at 4:02 AM Rifaat Shekh-Yusef < > rifaat.s.i...@gmail.com> wrote: > >> All, >> >> This is an official call for adoption for the *Protected Resource >> Metadata* draft: >> https://datatracker.ietf.org/doc/draft-jones-oauth-resource-metadata/ >> >> Please, reply on the mailing list and let us know if you are in favor of >> adopting this draft as WG document, by *Sep 6th.* >> >> Regards, >> Rifaat & Hannes >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> >
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
