Last Call: <draft-ietf-oauth-v2-bearer-20.txt> (The OAuth 2.0 Authorization Framework: Bearer Token Usage) to Proposed Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The IESG has received a request from the Web Authorization Protocol WG
(oauth) to consider the following document:
- 'The OAuth 2.0 Authorization Framework: Bearer Token Usage'
  <draft-ietf-oauth-v2-bearer-20.txt> as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2012-06-27. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

This 2nd IETF LC is due to an IPR declartion being made after 
the previous IETF LC - a reviewer noticed some IPR and did the
right thing and made a declaration.

Abstract


   This specification describes how to use bearer tokens in HTTP
   requests to access OAuth 2.0 protected resources.  Any party in
   possession of a bearer token (a "bearer") can use it to get access to
   the associated resources (without demonstrating possession of a
   cryptographic key).  To prevent misuse, bearer tokens need to be
   protected from disclosure in storage and in transport.

* There is a normative reference to RFC 2246 (TLS 1.0), which has been
obsoleted by RFC 5246 (TLS 1.2).  The document uses this reference to
note that TLS 1.0 is, at this writing, the most widely deployed
version.  The working group believes it is necessary to note that, and
that the reference be normative.

The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-oauth-v2-bearer/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-oauth-v2-bearer/ballot/


The following IPR Declarations may be related to this I-D:

   http://datatracker.ietf.org/ipr/1752/





[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux