[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Sun, 19 May 2024 00:48:00 -0700 



Events without label "editorial"

Issues
------
* oauth-wg/oauth-transaction-tokens (+2/-1/💬1)
 2 issues created:
 - Deployment models for the Transaction Token Service (by gffletch)

   https://github.com/oauth-wg/oauth-transaction-tokens/issues/96 
 - Define discovery metadata for support of the Transaction Token functionality (by gffletch)
   https://github.com/oauth-wg/oauth-transaction-tokens/issues/95 


 1 issues received 1 new comments:
 - #96 Deployment models for the Transaction Token Service (1 by gffletch)

   https://github.com/oauth-wg/oauth-transaction-tokens/issues/96 


 1 issues closed:

 - Replacement token `sub` and `aud` modification language https://github.com/oauth-wg/oauth-transaction-tokens/issues/82 


* oauth-wg/oauth-sd-jwt-vc (+2/-0/💬13)
 2 issues created:
 - Fix esolving type metadata from URL and limit to HTTPS URLs (by awoie)

   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/233 
 - Constraints on using JWT VC Isser metadata and x5c (by paulbastian)
   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/232 


 4 issues received 13 new comments:
 - #232 Constraints on using JWT VC Isser metadata and x5c (10 by awoie, 
peppelinux)

   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/232 
 - #222 Add JWS JSON serialization example (1 by awoie)
   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/222 [NEEDS PR] 
 - #221 Security considerations on integrity of Type Metadata (1 by bc-pi)
   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/221 [NEEDS PR] [wg-04] [metadata] [PRIO] 
 - #205 defining how DID can be used as user's indetifier (1 by TimoGlastra)
   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/205 [discuss] 


* oauth-wg/oauth-cross-device-security (+0/-1/💬0)
 1 issues closed:

 - Editorial update: Remove etc. https://github.com/oauth-wg/oauth-cross-device-security/issues/131 


* oauth-wg/oauth-selective-disclosure-jwt (+0/-4/💬5)
 4 issues received 5 new comments:
 - #419 why isn't cnf the only way to bind to a holder public key? (1 by bc-pi)

   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/419 
 - #416 Add Test suite for SD-JWT (2 by bc-pi, lukasjhan)
   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/416 [ready-for-PR] [pending-close] 
 - #403 Redesign JWS JSON Serialization (1 by bc-pi)
   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/403 [has-PR] 
 - #372 Clarify algorithms to accommodate recursive redaction (1 by danielfett)
   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/372 


 4 issues closed:

 - Add Test suite for SD-JWT https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/416 [has-PR] 
 - More figures in Section 3 (Flow Diagram) https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/385 [pending-close] 
 - Redesign JWS JSON Serialization https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/403 [has-PR] 
 - JSON serialization doesn't cover key binding https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/392 [has-PR] 


* oauth-wg/oauth-v2-1 (+2/-3/💬14)
 2 issues created:
 - Typo: resource server instead of resource (by mrcaidev)

   https://github.com/oauth-wg/oauth-v2-1/issues/177 
 - Allow public clients to use the `client_credentials` grant type (by bellebaum)
   https://github.com/oauth-wg/oauth-v2-1/issues/176 


 7 issues received 14 new comments:
 - #176 Allow public clients to use the `client_credentials` grant type (8 by 
aaronpk, archer-321, bellebaum, dickhardt)

   https://github.com/oauth-wg/oauth-v2-1/issues/176 
 - #166 case sensitivity of Bearer http authentication scheme (1 by aaronpk)
   https://github.com/oauth-wg/oauth-v2-1/issues/166 [interim] 
 - #163 Scope in relation to OIDC (1 by aaronpk)
   https://github.com/oauth-wg/oauth-v2-1/issues/163 [interim] 
 - #162 the invalid_client error and HTTP authentication schemas (1 by jogu)
   https://github.com/oauth-wg/oauth-v2-1/issues/162 [interim] 
 - #142 Native apps differences between mobile and desktop apps (1 by aaronpk)
   https://github.com/oauth-wg/oauth-v2-1/issues/142 [draft-00-feedback] 
 - #141 Claimed https scheme as app identity proof (1 by jogu)
   https://github.com/oauth-wg/oauth-v2-1/issues/141 [draft-00-feedback] [interim] 
 - #128 Describe OAuth's use of application/x-www-form-urlencoded encoding (1 by aaronpk)
   https://github.com/oauth-wg/oauth-v2-1/issues/128 [help wanted] [interim] [ietf-117] 


 3 issues closed:

 - Describe OAuth's use of application/x-www-form-urlencoded encoding https://github.com/oauth-wg/oauth-v2-1/issues/128 [help wanted] [interim] [ietf-117] 
 - Scope in relation to OIDC https://github.com/oauth-wg/oauth-v2-1/issues/163 [interim] 
 - case sensitivity of Bearer http authentication scheme https://github.com/oauth-wg/oauth-v2-1/issues/166 




Pull requests
-------------
* oauth-wg/oauth-transaction-tokens (+0/-2/💬0)
 2 pull requests merged:
 - Update draft-ietf-oauth-transaction-tokens.md

   https://github.com/oauth-wg/oauth-transaction-tokens/pull/89 
 - Clarified responsibilities of Txn-Token Service in
   https://github.com/oauth-wg/oauth-transaction-tokens/pull/87 


* oauth-wg/oauth-sd-jwt-vc (+1/-0/💬2)
 1 pull requests submitted:
 - Add schema type metadata (by awoie)

   https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/231 


 1 pull requests received 2 new comments:
 - #231 Add schema type metadata (2 by awoie)

   https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/231 


* oauth-wg/oauth-cross-device-security (+0/-2/💬0)
 2 pull requests merged:
 - Removed use of etc.

   https://github.com/oauth-wg/oauth-cross-device-security/pull/145 
 - Add reference to mitigation in foundational pillars
   https://github.com/oauth-wg/oauth-cross-device-security/pull/146 


* oauth-wg/oauth-selective-disclosure-jwt (+1/-2/💬3)
 1 pull requests submitted:
 - doc: add test api server (by lukasjhan)

   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/425 


 2 pull requests received 3 new comments:
 - #422 Update Rust option in the Implementations list (2 by danielfett, jovfer)

   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/422 
 - #394 Distinguish SD-JWT from SD-JWT+KB (1 by bc-pi)
   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/394 


 2 pull requests merged:
 - doc: add test api server

   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/425 
 - Rework JSON Serialization section
   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/414 


* oauth-wg/oauth-v2-1 (+1/-0/💬0)
 1 pull requests submitted:
 - Replace "resource" with "resource server" (#177) (by mrcaidev)

   https://github.com/oauth-wg/oauth-v2-1/pull/178 



Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1

_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org























					Reply via email to