[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Sat, 23 Nov 2024 23:44:58 -0800 



Events without label "editorial"

Issues
------
* oauth-wg/oauth-transaction-tokens (+0/-0/💬2)
 2 issues received 2 new comments:
 - #119 Azd claim name conflict with RAR (1 by tulshi)

   https://github.com/oauth-wg/oauth-transaction-tokens/issues/119 
 - #111 Batch or long running processes and extending lifetime of a token (1 by tulshi)
   https://github.com/oauth-wg/oauth-transaction-tokens/issues/111 


* oauth-wg/oauth-sd-jwt-vc (+0/-0/💬4)
 2 issues received 4 new comments:
 - #274 Non-existent section referred for key binding JWT rules due to a typo 
(1 by bc-pi)

   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/274 
 - #205 defining how DID can be used as user's indetifier (3 by Sakurann, cre8, peacekeeper)
   https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/205 [pending close] 


* oauth-wg/oauth-selective-disclosure-jwt (+3/-0/💬0)
 3 issues created:
 - SD-JWT Parser requires saving the base64 encoded values? (by samuelgoto)

   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/532 
 - Small (and optional) editorial SD-JWT+KB's spec suggestion: remove whitespace from examples of JSON serialization  (by samuelgoto)
   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/531 
 - Missing procedures for Holder to validate disclosures recevied from Issuer (by rohanmahy)
   https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/530 


* oauth-wg/oauth-v2-1 (+0/-2/💬8)
 7 issues received 8 new comments:
 - #171 Handling of colliding URI query parameter names (1 by aaronpk)

   https://github.com/oauth-wg/oauth-v2-1/issues/171 
 - #161 Problems with authorization servers that don't support public clients (1 by aaronpk)
   https://github.com/oauth-wg/oauth-v2-1/issues/161 
 - #152 clarify last paragraph of 8.4.1 (1 by aaronpk)
   https://github.com/oauth-wg/oauth-v2-1/issues/152 
 - #146 Prohibition of using OAuth for user authentication (1 by aaronpk)
   https://github.com/oauth-wg/oauth-v2-1/issues/146 
 - #122 Add more security sensitive examples to intro to illustrate suitability (2 by aaronpk)
   https://github.com/oauth-wg/oauth-v2-1/issues/122 
 - #120 How can an AS support both 2.0 and 2.1 clients concurrently (1 by aaronpk)
   https://github.com/oauth-wg/oauth-v2-1/issues/120 
 - #95 Security consideration of size of client parameters (1 by aaronpk)
   https://github.com/oauth-wg/oauth-v2-1/issues/95 


 2 issues closed:

 - clarify last paragraph of 8.4.1 https://github.com/oauth-wg/oauth-v2-1/issues/152 
 - Prohibition of using OAuth for user authentication https://github.com/oauth-wg/oauth-v2-1/issues/146 


* oauth-wg/draft-ietf-oauth-status-list (+3/-5/💬3)
 3 issues created:
 - Re-work Security considerations (by c2bo)

   https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/199 
 - Add SD-JWT as example for Referenced Token to abstract and introduction (by paulbastian)
   https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/197 
 - Move examples out of first introduction section (by paulbastian)
   https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/196 


 3 issues received 3 new comments:
 - #147 Decide whether to drop the unsigned option (1 by c2bo)

   https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/147 [ready-for-pr] 
 - #143 OP Metadata Claim for Status List JWT endpoint (1 by paulbastian)
   https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/143 [ready-for-pr] 
 - #128 Add Security Consideration on signing status list (1 by c2bo)
   https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/128 


 5 issues closed:

 - Simplifying compression requirements https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/156 
 - Add Security Consideration on signing status list https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/128 
 - Decide whether to drop the unsigned option https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/147 [ready-for-pr] 
 - Support for content negotiation as denoted in the standard is limited for some CDNs and http servers https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/168 [ready-for-pr] 
 - Mixing JSON and CBOR formats https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/38 [ready-for-pr] 


* oauth-wg/draft-ietf-oauth-attestation-based-client-auth (+1/-0/💬0)
 1 issues created:
 - JWT examples are missing the `typ` header parameter (by TakahikoKawasaki)

   https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/94 




Pull requests
-------------
* oauth-wg/oauth-sd-jwt-vc (+1/-0/💬0)
 1 pull requests submitted:
 - fix section numbering in SD-JWT references to align with the latest -14 
version (by bc-pi)

   https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/275 


* oauth-wg/draft-ietf-oauth-status-list (+3/-3/💬2)
 3 pull requests submitted:
 - add status_list_aggregation_endpoint OAuth metadata (by paulbastian)

   https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/200 
 - rework the introduction (by paulbastian)
   https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/198 
 - Remove unsigned option (by c2bo)
   https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/195 


 2 pull requests received 2 new comments:
 - #200 add status_list_aggregation_endpoint OAuth metadata (1 by nynymike)

   https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/200 
 - #195 Remove unsigned option (1 by tplooker)
   https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/195 


 3 pull requests merged:
 - Remove unsigned option

   https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/195 
 - mixing formats and media types
   https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/183 
 - fixes from IETF review
   https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/190 



Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1
* https://github.com/oauth-wg/draft-ietf-oauth-status-list
* https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth

_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org























					Reply via email to