[OAUTH-WG] I-D Action: draft-ietf-oauth-dyn-reg-metadata-00.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol Working Group of the IETF. Title : OAuth 2.0 Dynamic Client Registration Metadata Authors : Justin Richer

[OAUTH-WG] I-D Action: draft-ietf-oauth-dyn-reg-management-00.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol Working Group of the IETF. Title : OAuth 2.0 Dynamic Client Registration Management Protocol Authors : Justin Richer

[OAUTH-WG] I-D Action: draft-ietf-oauth-dyn-reg-16.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol Working Group of the IETF. Title : OAuth 2.0 Dynamic Client Registration Core Protocol Authors : Justin Richer

[OAUTH-WG] Working Group Versions of Refactored OAuth Dynamic Client Registration Specs

There are now OAuth working group versions of the refactored OAuth Dynamic Client Registration specifications: *OAuth 2.0 Dynamic Client Registration Core Protocol *OAuth 2.0 Dynamic Client Registration Metadata *OAuth 2.0 Dynamic C

Re: [OAUTH-WG] [Technical Errata Reported] RFC6749 (3880)

Could we make Mishra's suggestion simpler? Example: For public clients using implicit flows, this specification does not provide any method for the client to determine that an access token was issued to its current instance. I'm not sure if it is explicit enough, neither convinced about "instance

Re: [OAUTH-WG] Another question on RFC 7009

Thanks, Todd and Thomas, for the responses. After some internal debate, I think we are going to treat it as an invalid token (which it is in that context) and return a 200. On Fri, Jan 31, 2014 at 11:19 AM, Thomas Broyer wrote: > FWIW, we return unauthorized_client. > Le 31 janv. 2014 18:06, "T