On Sat, Jul 21, 2018 at 12:49 PM, Torsten Lodderstedt <
tors...@lodderstedt.net> wrote:
> Hi Dick,
>
> Am 19.07.2018 um 15:46 schrieb Dick Hardt :
>
> I think any scenario with multiple resource servers relying on the same AS
>> for authorization where the client acts on behalf of the resource own
This text is fine. I have issued IETF-LC.
On Mon, Jun 4, 2018 at 1:45 PM, Brian Campbell
wrote:
> Thanks Eric, I've added text in the just submitted -14 saying that only
> the two ends of the chain are to be considered in access control policy
> decisions.
>
> diff:
> https://www.ietf.org/rfcdif
Thanks Brian!
I have just made these two changes to the write-up.
Regards,
Rifaat
On Sun, Jul 22, 2018 at 5:13 PM Brian Campbell
wrote:
> In (1), could it maybe say "normative extensions" rather than "normative
> changes"?
>
> Also Ping Identity is two words (rather than "PingIdentity").
>
>
In (1), could it maybe say "normative extensions" rather than "normative
changes"?
Also Ping Identity is two words (rather than "PingIdentity").
Otherwise, it looks great. Thanks Rifaat!
On Sat, Jul 21, 2018 at 3:25 PM, Rifaat Shekh-Yusef
wrote:
> All,
>
> The following is the shepherd write-u
*jwsreq-16*
> >
> > in *section-10.4.1* - says to
> >
> > check the content type of the response is "application/jose"
> >
> >
> > I believe this should be application/jwt instead
> &g
I believe Filip is correct on these.
On Sat, Jul 21, 2018 at 1:03 PM, Filip Skokan wrote:
> Hello,
>
> about the mentioned content-types in the current draft *jwsreq-16*
>
> in *section-10.4.1* - says to
>
> check the content type of the response is "application/jose"
>
>
> I believe this should
