[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Repository Activity Summary Bot Sun, 01 Sep 2024 01:02:16 -0700



Events without label "editorial"

Issues
------
* oauth-wg/oauth-transaction-tokens (+1/-1/💬2)
 1 issues created:
 - Logging guidance and PII data handling (by ashayraut)

https://github.com/oauth-wg/oauth-transaction-tokens/issues/124

 1 issues received 2 new comments:
 - #124 Logging guidance and PII data handling (2 by ashayraut, obfuscoder)

https://github.com/oauth-wg/oauth-transaction-tokens/issues/124

 1 issues closed:

- `subject_token` description needs to be more flexible https://github.com/oauth-wg/oauth-transaction-tokens/issues/121

* oauth-wg/oauth-sd-jwt-vc (+0/-0/💬3)
 2 issues received 3 new comments:
 - #250 Drop all references to DIDs and DID resolution (2 by kimdhamilton, 
peacekeeper)

https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/250- #212 Embedded Issuer Policies (1 by paulbastian)https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/212 [pending close]

* oauth-wg/draft-ietf-oauth-resource-metadata (+1/-0/💬2)
 1 issues created:
 - Declaring support for DPoP and Certificate-Bound Access Tokens (by 
randomstuff)

https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/issues/48

 1 issues received 2 new comments:
 - #48 Declaring support for DPoP and Certificate-Bound Access Tokens (2 by 
randomstuff, selfissued)

https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/issues/48

* oauth-wg/oauth-selective-disclosure-jwt (+0/-2/💬1)
 1 issues received 1 new comments:
 - #439 burn the burning of private keys   (1 by Sakurann)

https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/439 [discuss-first] [on-hold]

 2 issues closed:

- Give "JSON document of the SD-JWT processing and verification algorithm" a name https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/443 [has-PR]- (maybe) clarify example(s) https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/444 [has-PR]

* oauth-wg/draft-ietf-oauth-status-list (+3/-8/💬13)
 3 issues created:
 - Support for content negotiation as denoted in the standard is limited for 
some CDNs and http servers (by markuskreusch)

https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/168- Support for content negotiation as denoted in the standard is limited for some CDNs and http servers (by markuskreusch)https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/167- Reference the JWT BCP (by paulbastian)https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/165

 12 issues received 13 new comments:
 - #168 Support for content negotiation as denoted in the standard is limited 
for some CDNs and http servers (1 by paulbastian)

https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/168- #167 Support for content negotiation as denoted in the standard is limited for some CDNs and http servers (1 by markuskreusch)https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/167- #165 Reference the JWT BCP (1 by paulbastian)https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/165- #156 Simplifying compression requirements (1 by paulbastian)https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/156- #151 Allow multiple status lists in SD-JWT VC (1 by paulbastian)https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/151- #138 Support an optional feature for historical resolution (1 by paulbastian)https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/138- #133 Implementation Consideration (1 by paulbastian)https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/133- #115 Check for IANA CWT claims (2 by c2bo, paulbastian)https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/115- #62 Privacy requirement - how to provide and demonstrate the consent given to the RP to allow it to check the revocation status (1 by peppelinux)https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/62- #51 "A Status List can not represent multiple statuses per Referenced Token" (1 by paulbastian)https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/51- #47 requirement for status list size (1 by paulbastian)https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/47- #24 Add implementations considerations (1 by paulbastian)https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/24

 8 issues closed:

- Support for content negotiation as denoted in the standard is limited for some CDNs and http servers https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/167- Check for IANA CWT claims https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/115- Add section about CORS https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/58- Easy way to debug a Status List https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/157- Privacy requirement - how to provide and demonstrate the consent given to the RP to allow it to check the revocation status https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/62- rename "referenced token" https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/26- Implementation Consideration https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/133- Strip = from Base64url encoding? https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/44

* oauth-wg/draft-ietf-oauth-attestation-based-client-auth (+0/-1/💬3)
 2 issues received 3 new comments:
 - #61 IETF 118 : Should this mechanism be used in parallel with Client 
Authentication /with Dynamic Client Registration (2 by embesozzi, jogu)

https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/61- #15 Security levels in the attestation (1 by c2bo)https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/15

 1 issues closed:

- new HTTP headers are supposed to request their registration https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/78



Pull requests
-------------
* oauth-wg/oauth-identity-chaining (+1/-0/💬0)
 1 pull requests submitted:
 - Add sender constrained tokens (redo) (by kburgin3)

https://github.com/oauth-wg/oauth-identity-chaining/pull/95

* oauth-wg/oauth-transaction-tokens (+1/-1/💬0)
 1 pull requests submitted:
 - moved txn field usage information to Security Considerations section (by 
tulshi)

https://github.com/oauth-wg/oauth-transaction-tokens/pull/123

 1 pull requests merged:
 - added unsigned json subject token type

https://github.com/oauth-wg/oauth-transaction-tokens/pull/122

* oauth-wg/oauth-sd-jwt-vc (+1/-0/💬1)
 1 pull requests submitted:
 - clarify, add context, or otherwise improve examples (by bc-pi)

https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/252

 1 pull requests received 1 new comments:
 - #252 clarify, add context, or otherwise improve examples (1 by bc-pi)

https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/252

* oauth-wg/oauth-selective-disclosure-jwt (+4/-3/💬1)
 4 pull requests submitted:
 - Remove text about publishing private keys (by bc-pi)

https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/460- Using a capital letter "B" to start the sentence (by bc-pi)https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/459- Moved considerations around unlinkability to the top of the Privacy Considerations section (by bc-pi)https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/458- clarify, add context, or otherwise improve examples (by bc-pi)https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/457

 1 pull requests received 1 new comments:
 - #456 Introduced/used the phrase processed SD-JWT payload in Section 8.1 on 
Verifying the SD-JWT (1 by bc-pi)

https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/456

 3 pull requests merged:
 - Introduced/used the phrase processed SD-JWT payload in Section 8.1 on 
Verifying the SD-JWT

https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/456- clarify, add context, or otherwise improve exampleshttps://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/457- Using a capital letter "B" to start the sentencehttps://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/459

* oauth-wg/draft-ietf-oauth-status-list (+4/-5/💬4)
 4 pull requests submitted:
 - add cors considerations to the http endpoint (by c2bo)

https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/166- remove requirement for matching iss claim in Referenced Token and Sta… (by paulbastian)https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/164- add testing tool (by paulbastian)https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/163- move base64url introduction to terminology (by c2bo)https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/162

 1 pull requests received 4 new comments:
 - #164 remove requirement for matching iss claim in Referenced Token and Sta… 
(4 by c2bo, paulbastian)

https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/164

 5 pull requests merged:
 - add cors considerations to the http endpoint

https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/166- add testing toolhttps://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/163- fix reference of Status List in CBOR formathttps://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/161- add cwt claim key for status_listhttps://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/160- move base64url introduction to terminologyhttps://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/162

* oauth-wg/draft-ietf-oauth-attestation-based-client-auth (+2/-2/💬0)
 2 pull requests submitted:
 - add christian as author (by c2bo)

https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/pull/83- add http field name (header) iana registration (by c2bo)https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/pull/82

 2 pull requests merged:
 - add http field name (header) iana registration

https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/pull/82- add christian as authorhttps://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/pull/83


Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1
* https://github.com/oauth-wg/draft-ietf-oauth-status-list
* https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth

_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org

[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Reply via email to