[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Repository Activity Summary Bot Sat, 11 Jan 2025 23:46:18 -0800



Events without label "editorial"

Issues
------
* oauth-wg/oauth-browser-based-apps (+0/-0/💬6)
 1 issues received 6 new comments:
 - #62 Using Web Workers to refresh access tokens adds implementation 
complexity for marginal security benefit (6 by micolous, pavinduLakshan, 
philippederyck)

https://github.com/oauth-wg/oauth-browser-based-apps/issues/62

* oauth-wg/oauth-identity-chaining (+2/-2/💬4)
 2 issues created:
 - Privacy considerations (by PieterKas)

https://github.com/oauth-wg/oauth-identity-chaining/issues/126- Add sender constraining of tokens to the security considerations (by PieterKas)https://github.com/oauth-wg/oauth-identity-chaining/issues/125

 3 issues received 4 new comments:
 - #122 Review usage of "one domain" and "another domain" (2 by PieterKas, 
kburgin3)

https://github.com/oauth-wg/oauth-identity-chaining/issues/122- #108 How would SD-JWT be used in claims transcription (1 by PieterKas)https://github.com/oauth-wg/oauth-identity-chaining/issues/108- #79 Should we allow identity chaining with DPoP tokens? (1 by PieterKas)https://github.com/oauth-wg/oauth-identity-chaining/issues/79

 2 issues closed:

- How would SD-JWT be used in claims transcription https://github.com/oauth-wg/oauth-identity-chaining/issues/108- Remove references to Federation https://github.com/oauth-wg/oauth-identity-chaining/issues/103

* oauth-wg/oauth-selective-disclosure-jwt (+4/-2/💬0)
 4 issues created:
 - Proposed rewording for Section 9.5 about Key Binding (by Denisthemalice)

https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/539- Proposed rewording in Section 1.2 about Key Binding (by Denisthemalice)https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/538- Proposed rewording in Section 1 about Key Binding (by Denisthemalice)https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/537- It is outside of the scope of this document to appraise the effectiveness of the Key Binding mechanism (by Denisthemalice)https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/536

 2 issues closed:

- Update of Issue #514 (new section 9.12) for the support of Post Quantum cryptography https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/529 [pending-close]- Comments and issues raised during the 1rst and the 2nd WGLC have not been addressed in -14 https://github.com/oauth-wg/oauth-selective-disclosure-jwt/issues/528

* oauth-wg/oauth-v2-1 (+0/-1/💬2)
 2 issues received 2 new comments:
 - #168 "Suprising" printing service example in introduction (1 by aaronpk)

https://github.com/oauth-wg/oauth-v2-1/issues/168- #120 How can an AS support both 2.0 and 2.1 clients concurrently (1 by aaronpk)https://github.com/oauth-wg/oauth-v2-1/issues/120

 1 issues closed:

- "Suprising" printing service example in introduction https://github.com/oauth-wg/oauth-v2-1/issues/168

* oauth-wg/draft-ietf-oauth-status-list (+1/-1/💬1)
 1 issues created:
 - Test vectors (by paulbastian)

https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/216

 1 issues received 1 new comments:
 - #212 Drop "Methods" from registry names (1 by paulbastian)

https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/212

 1 issues closed:

- Drop "Methods" from registry names https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/212

* oauth-wg/draft-ietf-oauth-attestation-based-client-auth (+0/-0/💬1)
 1 issues received 1 new comments:
 - #94 JWT examples are missing the `typ` header parameter (1 by c2bo)

https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth/issues/94 [bug] [ready-for-pr]



Pull requests
-------------
* oauth-wg/oauth-identity-chaining (+2/-4/💬1)
 2 pull requests submitted:
 - Remove reference to sd-jwt (by PieterKas)

https://github.com/oauth-wg/oauth-identity-chaining/pull/127- Added delegated key binding (by kburgin3)https://github.com/oauth-wg/oauth-identity-chaining/pull/124

 1 pull requests received 1 new comments:
 - #117 Update diagram in Overview section (1 by gffletch)

https://github.com/oauth-wg/oauth-identity-chaining/pull/117

 4 pull requests merged:
 - Remove reference to sd-jwt

https://github.com/oauth-wg/oauth-identity-chaining/pull/127- Editorial clarificationshttps://github.com/oauth-wg/oauth-identity-chaining/pull/115- Clarify resource server as clienthttps://github.com/oauth-wg/oauth-identity-chaining/pull/118- Clarify AS-as-Clienthttps://github.com/oauth-wg/oauth-identity-chaining/pull/119

* oauth-wg/oauth-sd-jwt-vc (+1/-0/💬0)
 1 pull requests submitted:
 - Make extension point for issuer key resolution more explicit (by awoie)

https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/294

* oauth-wg/oauth-selective-disclosure-jwt (+1/-1/💬8)
 1 pull requests submitted:
 - add Watson Ladd suggested text with minor adaptations (by bc-pi)

https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/535

 2 pull requests received 8 new comments:
 - #535 add Watson Ladd's suggested text with minor adaptations (7 by 
Denisthemalice, bc-pi, dhs-BI, wbl)

https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/535- #475 ISO/IEC 29100 is too private (1 by danielfett)https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/475

 1 pull requests merged:
 - Changes aimed at AD's review of the formal appeal

https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/533

* oauth-wg/oauth-v2-1 (+4/-3/💬1)
 4 pull requests submitted:
 - Oauth versions (by dickhardt)

https://github.com/oauth-wg/oauth-v2-1/pull/205- More secure use case (by dickhardt)https://github.com/oauth-wg/oauth-v2-1/pull/204- point implementers to OIDC in intro #151 (by dickhardt)https://github.com/oauth-wg/oauth-v2-1/pull/203- #192 (by dickhardt)https://github.com/oauth-wg/oauth-v2-1/pull/202

 1 pull requests received 1 new comments:
 - #205 Oauth versions (1 by aaronpk)

https://github.com/oauth-wg/oauth-v2-1/pull/205

 3 pull requests merged:
 - More secure use case

https://github.com/oauth-wg/oauth-v2-1/pull/204- point implementers to OIDC in intro #151https://github.com/oauth-wg/oauth-v2-1/pull/203- #192https://github.com/oauth-wg/oauth-v2-1/pull/202

* oauth-wg/draft-ietf-oauth-status-list (+2/-3/💬2)
 2 pull requests submitted:
 - chore: fix python example build for newer ubuntu versions (by c2bo)

https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/215- rename Status Mechanism Methods registry to Status Mechanisms registry (by paulbastian)https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/214

 1 pull requests received 2 new comments:
 - #214 rename Status Mechanism Methods registry to Status Mechanisms registry 
(2 by c2bo, paulbastian)

https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/214

 3 pull requests merged:
 - rename Status Mechanism Methods registry to Status Mechanisms registry

https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/214- Nit - change "write" to "right" for describing directionalityhttps://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/213- chore: fix python example build for newer ubuntu versionshttps://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/215


Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1
* https://github.com/oauth-wg/draft-ietf-oauth-status-list
* https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth

_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org

[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Reply via email to