5:40 AM
To: Justin Richer
Cc: oauth
Subject: Re: [OAUTH-WG] OAuth for Browser-Based Apps
Hi Justin,
Thank you for your detailed review.
> §9+ this draft should add privacy considerations, particularly for BFF
> pattern's proxy architecture.e
I wanted to ask for a bit more context
Hi Justin,
Thank you for your detailed review.
> §9+ this draft should add privacy considerations, particularly for BFF
> pattern's proxy architecture.e
I wanted to ask for a bit more context on this comment. I understand that
having a proxy as a separate entity would expose all requests/resp
As promised at the last meeting, I have been able to do a full review of the
OAuth for Browser Based Applications draft spec, and my notes are attached,
indexed by sections and paragraphs where possible.
Even though my notes are extensive, I do want to say that overall the document
is in great
Thank you, you're absolutely correct. I've updated a few uses of that to
something hopefully more accurate. There are a few more uses of "DOM" still
and I would love someone who has more experience with browsers than me to
review those for accuracy as well! Thanks!
Latest editor's draft:
https://
On Wed, Dec 7, 2022 at 1:07 AM Aaron Parecki wrote:
> Hi all,
>
> I just published a revised version of OAuth for Browser-Based Apps based
> on the feedback and discussion at IETF 115 London!
>
> https://www.ietf.org/archive/id/draft-ietf-oauth-browser-based-apps-12.html
>
> The primary changes a
Hi all,
I just published a revised version of OAuth for Browser-Based Apps based on
the feedback and discussion at IETF 115 London!
https://www.ietf.org/archive/id/draft-ietf-oauth-browser-based-apps-12.html
The primary changes are:
* Rephrased the architecture patterns to focus on token acquis
