My comments were made in:
http://www.ietf.org/mail-archive/web/apps-discuss/current/msg03805.html
Most of them (excepting the nits) haven't been addressed in the drafts.
Regards,
Begin forwarded message:
Subject: [OAUTH-WG] Last Call: <draft-ietf-oauth-v2-bearer-15.txt> (The OAuth
2.0 Authorization Protocol: Bearer Tokens) to Proposed Standard
Date: Mon, 23 Jan 2012 07:46:43 -0800
From: The IESG <iesg-secretary(_at_)ietf(_dot_)org>
Reply-To: ietf(_at_)ietf(_dot_)org
To: IETF-Announce <ietf-announce(_at_)ietf(_dot_)org>
CC: oauth(_at_)ietf(_dot_)org
The IESG has received a request from the Web Authorization Protocol WG
(oauth) to consider the following document:
- 'The OAuth 2.0 Authorization Protocol: Bearer Tokens'
<draft-ietf-oauth-v2-bearer-15.txt> as a Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf(_at_)ietf(_dot_)org mailing lists by 2012-02-06. Exceptionally, comments
may be
sent to iesg(_at_)ietf(_dot_)org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.
Abstract
This specification describes how to use bearer tokens in HTTP
requests to access OAuth 2.0 protected resources. Any party in
possession of a bearer token (a "bearer") can use it to get access to
the associated resources (without demonstrating possession of a
cryptographic key). To prevent misuse, bearer tokens need to be
protected from disclosure in storage and in transport.
The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-oauth-v2-bearer/
IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-oauth-v2-bearer/
No IPR declarations have been submitted directly on this I-D.
--
Mark Nottingham http://www.mnot.net/
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf