[OAUTH-WG] OAuth Authorization Server Metadata spec incorporating IETF last call feedback

The OAuth Authorization Server Metadata specification has been updated to incorporate feedback received during IETF last call. Thanks to Shwetha Bhandari, Brian Carpenter, Donald Eastlake, Dick Hardt, and Mark Nottingham for their reviews. See the Document History appendix for clarifications a

[OAUTH-WG] I-D Action: draft-ietf-oauth-discovery-08.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol WG of the IETF. Title : OAuth 2.0 Authorization Server Metadata Authors : Michael B. Jones Nat Sa

Re: [OAUTH-WG] New Version of draft-sakimura-oauth-meta for the discussion of draft-hardt-oauth-distributed

And, for what it's worth, here's the (poorly named) resource indicators draft that was mentioned during the same discussion. https://tools.ietf.org/html/draft-campbell-oauth-resource-indicators-02 On Wed, Nov 15, 2017 at 6:11 PM, Nat Sakimura wrote: > I just revved the expired and archived dra

Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-security-topics-04.txt

Comments on draft-ietf-oauth-security-topics-04 1. Section 2.2 states: 2.2.  Token Leakage Prevention    Authorization servers _*shall*_ use TLS-based methods for sender    constraint access tokens as described in section Section 4.7.1.2,    such as token binding [I-D.ietf-oauth-t

[OAUTH-WG] New Version of draft-sakimura-oauth-meta for the discussion of draft-hardt-oauth-distributed

I just revved the expired and archived draft so that it will be easier for discussion around draft-hardt-oauth-distributed . This is the draft I mentioned during the meeting. Previous versions had JSON response as "_links" as well. Best, Nat -- Forwarded message - From: Date: W