[Last-Call] Secdir telechat review of draft-ietf-ace-oauth-authz-41

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Reviewer: Phillip Hallam-Baker
Review result: Ready

This draft was previously reviewed by Steve Kent for the -27 version. My review
therefore mostly consists of checking that the changes recommended have been
made and that no new issues have arisen. Note that contrary to the data in the
tracker, I was not given the assignment in 2019.

If you decide that you want to use OAUTH for authorization security for
Internet of Things, this is a reasonable approach to take. This is not a simple
proposition or for the fainthearted. OAuth is built around the various
constraints of the browser world to which the constraints of being a
constrained device are added.

The issues raised by Steve have all been addressed as far as I can see. It
looks good to go but since it is a security spec, ADs should still take note.


-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call



[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux