[OAUTH-WG] AD review of draft-ietf-oauth-native-apps

Hello, Thanks for taking the time to document this best practice and the implementations in the appendix. I have one comment and a few nits. Security Considerations: I think it would go a long way to organize these as ones that apply to this best practice and ones (8.1 and the example in 8.2) abo

Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-jwsreq-13.txt

One more thing, this document really should register "iss", "aud", and "exp" (and maybe other common JWT claims that are about the token itself like "jti", "iat", etc) as authorization request parameters in https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#parameters because

Re: [OAUTH-WG] Alexey Melnikov's Discuss on draft-ietf-oauth-jwsreq-13: (with DISCUSS)

Thanks. We will try to address that today. John B. On Apr 24, 2017 7:16 AM, "Alexey Melnikov" wrote: > Alexey Melnikov has entered the following ballot position for > draft-ietf-oauth-jwsreq-13: Discuss > > When responding, please keep the subject line intact and reply to all > email addresses

[OAUTH-WG] Alexey Melnikov's Discuss on draft-ietf-oauth-jwsreq-13: (with DISCUSS)

Alexey Melnikov has entered the following ballot position for draft-ietf-oauth-jwsreq-13: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https:

Re: [OAUTH-WG] Call for Adoption: Mutual TLS Profiles for OAuth Clients

I support the adoption of this draft by the working group. On Sun, Apr 23, 2017 at 9:11 AM, Torsten Lodderstedt < tors...@lodderstedt.net> wrote: > +1 for adoption > > Am 21.04.2017 um 21:43 schrieb Nat Sakimura : > > +1 for adoption > > On Apr 21, 2017 9:32 PM, "Dave Tonge" wrote: > >> I suppor