[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Sat, 09 Nov 2024 23:57:28 -0800 



Events without label "editorial"

Issues
------
* oauth-wg/oauth-identity-chaining (+4/-0/💬0)
 4 issues created:
 - Remove need for additional metadata (by PieterKas)

   https://github.com/oauth-wg/oauth-identity-chaining/issues/101 
 - Clarify client terminology (by PieterKas)
   https://github.com/oauth-wg/oauth-identity-chaining/issues/100 
 - Using different keys for sender constrained tokens (by PieterKas)
   https://github.com/oauth-wg/oauth-identity-chaining/issues/99 
 - Security Considerations on Client authentication (by PieterKas)
   https://github.com/oauth-wg/oauth-identity-chaining/issues/98 


* oauth-wg/oauth-sd-jwt-vc (+1/-0/💬0)
 1 issues created:
 - Document reasons for not using existing JSON query languages (by aaronpk)

   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/267 


* oauth-wg/oauth-selective-disclosure-jwt (+10/-0/💬3)
 10 issues created:
 - Hash Function Claim value case-sensitivity (by spheroid)

   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/523 
 - The last paragraph of section 10.5 (Issuer Identifier) can be removed (by Denisthemalice)
   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/522 
 - A new section about "Issuer anonymity" should be added (by Denisthemalice)
   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/521 
 - Section 10.3 (Confidentiality during Transport) should also mention integrity (by Denisthemalice)
   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/520 
 - Since claims always contain privacy-sensitive data section 10.2 would need to be reworded (by Denisthemalice)
   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/519 
 - Holders SHOULD NOT be required to store SD-JWTs "only in encrypted form" (by Denisthemalice)
   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/518 
 - Section 10.2 should be made more general to consider both the storage of signed and un-signed data (by Denisthemalice)
   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/517 
 - A new section about "End-User intrackability" should be added (by Denisthemalice)
   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/516 
 - The term "unlinkability" is overloaded. For more clarity, the wording "End-user intrackability" should be used in addition (by Denisthemalice)
   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/515 
 - A section should be added to consider the case of a presentation of claims to Verifier that have been issued by different Issuers (by Denisthemalice)
   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/514 


 2 issues received 3 new comments:
 - #516 A new section about "End-User intrackability" should be added (1 by 
paulbastian)

   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/516 
 - #489 A (KB-JWT) does not demonstrate a "proof of possession" of private key (2 by Denisthemalice, paulbastian)
   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/489 


* oauth-wg/oauth-v2-1 (+0/-0/💬1)
 1 issues received 1 new comments:
 - #183 Clarify `aud` values that should be accepted in `private_key_jwt` at 
the token (and other) endpoints (1 by bc-pi)

   https://github.com/oauth-wg/oauth-v2-1/issues/183 




Pull requests
-------------
* oauth-wg/oauth-identity-chaining (+1/-0/💬2)
 1 pull requests submitted:
 - Confirmation data transfer (by arndt-s)

   https://github.com/oauth-wg/oauth-identity-chaining/pull/102 


 2 pull requests received 2 new comments:
 - #102 Confirmation data transfer (1 by arndt-s)

   https://github.com/oauth-wg/oauth-identity-chaining/pull/102 
 - #95 Add sender constrained tokens (redo) (1 by arndt-s)
   https://github.com/oauth-wg/oauth-identity-chaining/pull/95 


* oauth-wg/oauth-transaction-tokens (+0/-1/💬0)
 1 pull requests merged:
 - Minor changes

   https://github.com/oauth-wg/oauth-transaction-tokens/pull/148 


* oauth-wg/draft-ietf-oauth-status-list (+1/-0/💬0)
 1 pull requests submitted:
 - fixes from IETF review (by paulbastian)

   https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/190 



Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1
* https://github.com/oauth-wg/draft-ietf-oauth-status-list
* https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth

_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org























					Reply via email to