[OAUTH-WG] Weekly github digest (OAuth Activity Summary)



Events without label "editorial"

Issues
------
* oauth-wg/oauth-transaction-tokens (+9/-7/💬19)
 9 issues created:
 - Authentication mechanisms (by PieterKas)

https://github.com/oauth-wg/oauth-transaction-tokens/issues/135- Clarify why the "aud" claim remains unchanged (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/134- access_token potential for confusion (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/133- rctx MUST (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/132- Can a sub_id change? (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/131- Editorial change (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/130- Trust Domain definition (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/129- Ascii Diagram update (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/128- Clarify Transaction Token Context (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/127

 10 issues received 19 new comments:
 - #135 Authentication mechanisms (5 by PieterKas, gffletch)

https://github.com/oauth-wg/oauth-transaction-tokens/issues/135- #134 Clarify why the "aud" claim remains unchanged (1 by gffletch)https://github.com/oauth-wg/oauth-transaction-tokens/issues/134- #133 access_token potential for confusion (2 by PieterKas, gffletch)https://github.com/oauth-wg/oauth-transaction-tokens/issues/133- #132 rctx MUST (2 by PieterKas, gffletch)https://github.com/oauth-wg/oauth-transaction-tokens/issues/132- #131 Can a sub_id change? (1 by gffletch)https://github.com/oauth-wg/oauth-transaction-tokens/issues/131- #130 Editorial change (1 by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/issues/130- #127 Clarify Transaction Token Context (4 by PieterKas, gffletch)https://github.com/oauth-wg/oauth-transaction-tokens/issues/127- #119 Azd claim name conflict with RAR (1 by gffletch)https://github.com/oauth-wg/oauth-transaction-tokens/issues/119- #118 RAR object inside a TraT (1 by gffletch)https://github.com/oauth-wg/oauth-transaction-tokens/issues/118- #115 Audience, scope & purpose (1 by gffletch)https://github.com/oauth-wg/oauth-transaction-tokens/issues/115

 7 issues closed:

- Logging guidance and PII data handling https://github.com/oauth-wg/oauth-transaction-tokens/issues/124- Clarify why the "aud" claim remains unchanged https://github.com/oauth-wg/oauth-transaction-tokens/issues/134- rctx MUST https://github.com/oauth-wg/oauth-transaction-tokens/issues/132- Ascii Diagram update https://github.com/oauth-wg/oauth-transaction-tokens/issues/128- access_token potential for confusion https://github.com/oauth-wg/oauth-transaction-tokens/issues/133- Trust Domain definition https://github.com/oauth-wg/oauth-transaction-tokens/issues/129- Editorial change https://github.com/oauth-wg/oauth-transaction-tokens/issues/130

* oauth-wg/oauth-sd-jwt-vc (+0/-1/💬2)
 2 issues received 2 new comments:
 - #249 Suggestion: Should this spec be more open to multiple Credential 
formats? [W3C Verifiable Credentials 2.0] (1 by awoie)

https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/249 [pending close]- #247 Potential Privacy implications of verifier knowing display information (1 by danielfett)https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/247

 1 issues closed:

- Suggestion: Should this spec be more open to multiple Credential formats? [W3C Verifiable Credentials 2.0] https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/249 [pending close]

* oauth-wg/draft-ietf-oauth-resource-metadata (+1/-0/💬4)
 1 issues created:
 - Ambiguous handling of the resource_metadata WWW-Authenticate parameter (by 
randomstuff)

https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/issues/56

 3 issues received 4 new comments:
 - #56 Ambiguous handling of the resource_metadata WWW-Authenticate parameter 
(1 by selfissued)

https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/issues/56- #55 The client cannot tells whether audience restriction has been applied (2 by aaronpk, selfissued)https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/issues/55- #8 Question: What should the WWW-Authenticate header return (1 by randomstuff)https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/issues/8

* oauth-wg/oauth-selective-disclosure-jwt (+2/-3/💬11)
 2 issues created:
 - Decoy Digest Implications (by AlexHodder)

https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/470- Mixed-type arrays (by alenhorvat)https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/469

 5 issues received 11 new comments:
 - #470 Decoy Digest Implications (2 by AlexHodder, danielfett)

https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/470- #469 Mixed-type arrays (2 by alenhorvat, danielfett)https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/469 [pending-close]- #468 sd_alg, _sd_alg - Option for claims reuse? (2 by Sakurann, alenhorvat)https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/468- #465 JWT and unprotected header - generalisation? (4 by alenhorvat, bc-pi)https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/465- #463 holder key as DID (1 by bc-pi)https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/463 [pending-close]

 3 issues closed:

- Mixed-type arrays https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/469 [pending-close]- holder key as DID https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/463 [pending-close]- JWT and unprotected header - generalisation? https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/465

* oauth-wg/oauth-v2-1 (+2/-0/💬0)
 2 issues created:
 - 7.X Stateless tokens and key rotation (by sakimura)

https://github.com/oauth-wg/oauth-v2-1/issues/189- 7.12 Phishing Attacks: Clarification and additional advice to the reader (by sakimura)https://github.com/oauth-wg/oauth-v2-1/issues/188

* oauth-wg/draft-ietf-oauth-status-list (+1/-2/💬0)
 1 issues created:
 - Missing IANA section for status types (by paulbastian)

https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/177

 2 issues closed:

- Add implementations considerations https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/24 [ready-for-pr]- requirement for status list size https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/47 [ready-for-pr]



Pull requests
-------------
* oauth-wg/oauth-transaction-tokens (+8/-4/💬0)
 8 pull requests submitted:
 - Clarify `subject_token_type` value when requesting a replacement Txn-Token 
(by gffletch)

https://github.com/oauth-wg/oauth-transaction-tokens/pull/143- Updated Mutual Authentication Guidance (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/pull/142- Additional detail on 'aud' claim (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/pull/141- Clarification on token context (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/pull/140- Proposed editorial update to Txn-Token Response (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/pull/139- Trust domain clarification (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/pull/138- Clarify Transaction Token Context (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/pull/137- Editorial changes to the ASCII diagrams (by PieterKas)https://github.com/oauth-wg/oauth-transaction-tokens/pull/136

 4 pull requests merged:
 - clarified logging recommendation

https://github.com/oauth-wg/oauth-transaction-tokens/pull/125- Proposed editorial update to Txn-Token Responsehttps://github.com/oauth-wg/oauth-transaction-tokens/pull/139- Trust domain clarificationhttps://github.com/oauth-wg/oauth-transaction-tokens/pull/138- Editorial changes to the ASCII diagramshttps://github.com/oauth-wg/oauth-transaction-tokens/pull/136

* oauth-wg/oauth-sd-jwt-vc (+0/-1/💬0)
 1 pull requests merged:
 - Set upload email in makefile

https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/255

* oauth-wg/oauth-selective-disclosure-jwt (+1/-2/💬6)
 1 pull requests submitted:
 - Update upload artifact to v4  (by bc-pi)

https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/471

 3 pull requests received 6 new comments:
 - #471 Update upload artifact to v4  (1 by bc-pi)

https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/471- #467 introduction rewrite (1 by rohanmahy)https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/467- #466 Addressing one more of Mike's previous review comments (4 by Sakurann, bc-pi)https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/466

 2 pull requests merged:
 - Addressing one more of Mike's previous review comments

https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/466- Update upload artifact to v4https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/471

* oauth-wg/draft-ietf-oauth-status-list (+0/-1/💬0)
 1 pull requests merged:
 - add implementation consideration for Default Values and Double Alloca…

https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/172


Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1
* https://github.com/oauth-wg/draft-ietf-oauth-status-list
* https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth

_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org

[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Reply via email to