[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Repository Activity Summary Bot Sat, 22 Feb 2025 23:44:51 -0800



Events without label "editorial"

Issues
------
* oauth-wg/oauth-browser-based-apps (+5/-0/💬6)
 5 issues created:
 - httpdir review notes (by aaronpk)

https://github.com/oauth-wg/oauth-browser-based-apps/issues/73- artart review notes (by aaronpk)https://github.com/oauth-wg/oauth-browser-based-apps/issues/72- opsdir review notes (by aaronpk)https://github.com/oauth-wg/oauth-browser-based-apps/issues/71- secdir review notes (by aaronpk)https://github.com/oauth-wg/oauth-browser-based-apps/issues/70- Process last call reviews (by aaronpk)https://github.com/oauth-wg/oauth-browser-based-apps/issues/69

 2 issues received 6 new comments:
 - #73 httpdir review notes (3 by aaronpk, philippederyck)

https://github.com/oauth-wg/oauth-browser-based-apps/issues/73- #69 Process last call reviews (3 by aaronpk)https://github.com/oauth-wg/oauth-browser-based-apps/issues/69

* oauth-wg/oauth-identity-chaining (+0/-3/💬8)
 4 issues received 8 new comments:
 - #139 Updates to reflect changes to RFC7523 (jwt_privatekey attack) (5 by 
PieterKas, bc-pi)

https://github.com/oauth-wg/oauth-identity-chaining/issues/139- #110 Client Authentication Security Considerations (1 by PieterKas)https://github.com/oauth-wg/oauth-identity-chaining/issues/110- #99 Using different keys for sender constrained tokens (1 by PieterKas)https://github.com/oauth-wg/oauth-identity-chaining/issues/99- #85 Recommended media type for JWT Authorization Grant (1 by PieterKas)https://github.com/oauth-wg/oauth-identity-chaining/issues/85

 3 issues closed:

- Using different keys for sender constrained tokens https://github.com/oauth-wg/oauth-identity-chaining/issues/99- Editorial Changes Requested https://github.com/oauth-wg/oauth-identity-chaining/issues/107- Client Authentication Security Considerations https://github.com/oauth-wg/oauth-identity-chaining/issues/110

* oauth-wg/oauth-transaction-tokens (+0/-0/💬2)
 2 issues received 2 new comments:
 - #111 Batch or long running processes and extending lifetime of a token (1 by 
obfuscoder)

https://github.com/oauth-wg/oauth-transaction-tokens/issues/111- #62 Long-living Access Token needed for internal batch processes/offline tasks? (1 by obfuscoder)https://github.com/oauth-wg/oauth-transaction-tokens/issues/62

* oauth-wg/draft-ietf-oauth-status-list (+2/-3/💬4)
 2 issues created:
 - Clarify whether Status List refers to the uncompressed or compressed byte 
array (by paulbastian)

https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/268- CDDL for CBOR (by paulbastian)https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/267

 2 issues received 4 new comments:
 - #255 About claim "aggregation_uri" (3 by Denisthemalice, c2bo)

https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/255 [pending-close]- #243 Extension Token Status List to x509 (1 by steffenschwalm)https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/243

 3 issues closed:

- Status List Token in CWT Format / typ value https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/262- Recommendations for key resolution section https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/265- Status List Tokens can be fetched either by the Relying Party or by the Holder https://github.com/oauth-wg/draft-ietf-oauth-status-list/issues/254



Pull requests
-------------
* oauth-wg/oauth-browser-based-apps (+1/-0/💬1)
 1 pull requests submitted:
 - Changes to address opsdir review feedback (by aaronpk)

https://github.com/oauth-wg/oauth-browser-based-apps/pull/74

 1 pull requests received 1 new comments:
 - #74 Changes to address opsdir review feedback (1 by aaronpk)

https://github.com/oauth-wg/oauth-browser-based-apps/pull/74

* oauth-wg/oauth-identity-chaining (+2/-0/💬0)
 2 pull requests submitted:
 - Recommendation on media types (by PieterKas)

https://github.com/oauth-wg/oauth-identity-chaining/pull/141- Security Considerations: subject token (by PieterKas)https://github.com/oauth-wg/oauth-identity-chaining/pull/140

* oauth-wg/oauth-selective-disclosure-jwt (+2/-0/💬0)
 2 pull requests submitted:
 - add a swift lib to Implementations list (by bc-pi)

https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/554- some updates resulting from late WG review (by bc-pi)https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/553

* oauth-wg/draft-ietf-oauth-status-list (+0/-4/💬0)
 4 pull requests merged:
 - fix cwt typ to use full media type

https://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/263- clarification on recommendations for key resolutionhttps://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/266- Holders may also fetch and verify Status List Tokenshttps://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/260- EKU guidancehttps://github.com/oauth-wg/draft-ietf-oauth-status-list/pull/258


Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1
* https://github.com/oauth-wg/draft-ietf-oauth-status-list
* https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth


--
To have a summary like this sent to your list, see: 
https://github.com/ietf-github-services/activity-summary

_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org

[OAUTH-WG] Weekly github digest (OAuth Activity Summary)

Reply via email to