Re: [OAUTH-WG] Improper use of 'Pragma: no-cache' response header in OAuth 2.0 RFCs?

I know it's kind of a trivial issue but I was hoping that at least a couple people would either agree with me or explain why I'm wrong. On Thu, Feb 19, 2015 at 4:47 PM, Brian Campbell wrote: > Examples in RFC 6750 and RFC 6749 >

Re: [OAUTH-WG] Improper use of 'Pragma: no-cache' response header in OAuth 2.0 RFCs?

Yes, so we should track it but I don’t think it rises to the level of an errata on its own. > On Feb 19, 2015, at 6:47 PM, Brian Campbell > wrote: > > Examples in RFC 6750 and RFC 6749 > as well as some normative text i

Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg

Hello, Thanks for updating the draft. I just want to confirm that Hannes is okay with the updated definitions and updates the shepherd report to reflect that. This is getting held up a bit while we sort through copyright of text from UMA and OpenID. The text from UMA went into an IETF draft, so

Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg

Thanks, Kathleen. This had been discussed on the OAuth list before, but just in case you or the IETF legal counsel weren’t aware of it – the reason that it’s OK to produce derivative works from OpenID specs, as draft-ietf-oauth-dyn-reg did, is that it’s explicitly allowed by the OpenID Foundat

Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg

Hi Mike, On Tue, Feb 24, 2015 at 6:47 PM, Mike Jones wrote: > Thanks, Kathleen. This had been discussed on the OAuth list before, but > just in case you or the IETF legal counsel weren’t aware of it – the reason > that it’s OK to produce derivative works from OpenID specs, as > draft-ietf-oaut

Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg

Is there plans to derive from any other parts of openid connect and bring them into IETF/OAuth? Thanks. On 2/24/2015 6:47 PM, Mike Jones wrote: Thanks, Kathleen. This had been discussed on the OAuth list before, but just in case you or the IETF legal counsel weren’t aware of it – the reason t

Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg

Not that I'm aware of. -Original Message- From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Bill Burke Sent: Tuesday, February 24, 2015 3:59 PM To: oauth@ietf.org Subject: Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg Is there plans to derive from any other parts of openid connect

Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg

I was able to get a response, I'm guessing the question got too buried in the thread over the past few days. Essentially, it is the contributors responsibility to ensure it's ok to include text. If this was Mike or someone else that believe it is fine, then we can proceed. Hannes may need to

Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg

Yes but it is authenticating the client to the AS as part of the resource owners consent. Ther eis a one to one mapping of resource owner to client in that case. The client ID is no more identifying than the refresh token that maps to the RO by design. Yes the grant identifies the RO in so

Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg

Yes as one of the Authors and a officer of the OpenID Foundation the text was contributed in accordance with the OIDF copyright, allowing derivative works. The OIDF is well aware of this specification and is pleased to contribute parts of the connect specification that have broader applicability

Re: [OAUTH-WG] AD review of Draft-ietf-dyn-reg

Thanks, John! Sent from my iPhone > On Feb 24, 2015, at 9:03 PM, John Bradley wrote: > > Yes as one of the Authors and a officer of the OpenID Foundation the text was > contributed in accordance with the OIDF copyright, allowing derivative works. > > The OIDF is well aware of this specificati