Hi all,
this revision addresses the comments from IESG review.
regards,
Torsten.
Am 06.10.2012 22:48, schrieb internet-dra...@ietf.org:
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol Working Group of
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol Working Group of
the IETF.
Title : OAuth 2.0 Threat Model and Security Considerations
Author(s) : Torsten Lodderstedt
+1
Phil
On 2012-10-06, at 10:07, Torsten Lodderstedt wrote:
> fine for me
>
> Am 05.10.2012 10:03, schrieb Hannes Tschofenig:
>> Hi all,
>>
>> here is an agenda proposal for the Atlanta IETF meeting:
>> (The indicated names are proposals.)
>>
>> --
>> Agenda:
>>
>> 1. Status Update, Age
Hi all,
the new revision addresses two issues raised on the list:
- The draft now gives a more precise description of the semantics of the
revocation request based on the concept of the underlying access grant.
- We incoporated CORS (in addition to JSONP) and renamed the respective
section to "
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol Working Group of
the IETF.
Title : Token Revocation
Author(s) : Torsten Lodderstedt
Stefanie Dron
Hi folks,
I would like to know your thoughts on the $subject..
For me it looks like a concrete use case where OAuth conceptually does
address - but protocol does not well defined..
Please find [1] for further details...
[1]:
http://blog.facilelogin.com/2012/10/ationwhat-oauth-lacks-resource-ow
fine for me
Am 05.10.2012 10:03, schrieb Hannes Tschofenig:
Hi all,
here is an agenda proposal for the Atlanta IETF meeting:
(The indicated names are proposals.)
--
Agenda:
1. Status Update, Agenda Bashing (Chairs)
2. Token Revocation (Thorsten)
3. Assertions (Brian + Mike)
4. OAuth Use C
