Hi all, While going through the feedback and issues on github, there was one bigger discussion point that we would like to bring to the mailing list. Steffen Schwalm asked for support for X.509 Certificate revocation with the Status List - in that case the Status List describing the status of an X.509 Certificate (relevant issue https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/243). That would mean defining an extension to X.509 to embed the relevant information for a Status List (URI and index) and creating validation rules etc. While we understand the general motivation as is discussed in more detail in the issue, it would be somewhat of a change of scope for the Status List draft. We felt it might be out of scope of the OAuth Working Group and rather in scope of other working groups like lamps? Any comments/opinions would be appreciated! Best Regards, Christian Bormann |
_______________________________________________ OAuth mailing list -- oauth@ietf.org To unsubscribe send an email to oauth-le...@ietf.org
