https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata/pull/62
describes the motivations for the IANA registration procedure, as requested,
and closes the loophole. Let me know if you’d like any changes before we merge
and publish.
Murray Kucherawy has entered the following ballot position for
draft-ietf-oauth-resource-metadata-12: No Objection
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Pleas
Hi Mike,
On Wed, Oct 2, 2024 at 11:01 PM Michael Jones
wrote:
> --
> DISCUSS:
> --
>
> I concur strongly enough with John Scudder's comment about the IANA
> reg
Yes, this is the path if things need to change in an RFC. But in this case, the
question was about something that is already in the current RFC text that
doesn’t need to change. I was trying to point out that "proposed standard" is
code for the final text of that RFC. In this instance, carrying
Just to be clear, RFC 9068 does say the "sub" claim is required:
https://www.rfc-editor.org/rfc/rfc9068.html#section-2.2
That is the feature Matt originally asked about. That feature is in RFC
9068, so it is complete, and no update is needed.
So yes, by all means, please consider "sub" to be a r
It might be worth reviewing how updates or changes are made available to a
completed “Proposed Standard”.
In my experience I’ve seen:
* Errata
* An updated version noted as RFC bis (where bis is Old Latin for
“repeat”)
* A new Internet-Draft which, if promoted to “Proposed Sta
My apologies - I just realized that I mistakenly typed "RFC6086" on the first
part of the message, to be clear the entire comment is in fact about RFC9068.
— Justin
On Oct 10, 2024, at 9:48 AM, Justin Richer wrote:
Hi Matt,
RFC6086 is published and final — there is not ongoing work on that d
Hi Matt,
RFC6086 is published and final — there is not ongoing work on that document,
because it is complete. I’m sure there is also other work happening all around
about profiling JWTs for specific purposes and circumstances.
The wording of "Proposed Standard" can be confusing. It does not mea
First, my sincerest condolences regarding the loss of Vittorio Bertocci,
someone who had an astonishing impact on the industry and community at large.
I was reminded of this loss today as I was having a conversation with some
peers about the optional nature of the sub claim in JWTs used in OAuth
