Hi all, the authors have published a new draft of the Browser-Based Apps
BCP addressing Rifaat's comments from the shepherd writeup. Notes on the
individual points are below, copied from Philippe's PR for these changes on
GitHub.
Section 6.1.1
“This response to the browser will also trigger the re
Internet-Draft draft-ietf-oauth-browser-based-apps-20.txt is now available. It
is a work item of the Web Authorization Protocol (OAUTH) WG of the IETF.
Title: OAuth 2.0 for Browser-Based Applications
Authors: Aaron Parecki
David Waite
Philippe De Ryck
Name:dr
BEGIN:VCALENDAR
PRODID:-//Microsoft Corporation//Outlook 10.0 MIMEDIR//EN
VERSION:2.0
METHOD:CANCEL
BEGIN:VTIMEZONE
TZID:America/New_York
LAST-MODIFIED:20221105T024526Z
TZURL:https://www.tzurl.org/zoneinfo-outlook/America/New_York
X-LIC-LOCATION:America/New_York
BEGIN:DAYLIGHT
TZNAME:EDT
TZOFFSETFR
Carsten wrote:
(...) it is impractical for a wallet to make this kind of
judgement for each issued credential.
Carsten is correct : a wallet /which is an application /cannot make any
kind of judgement.
However a human-being, i.e., an End-user that has the control over an
Holder (applic
