My comments were made in: http://www.ietf.org/mail-archive/web/apps-discuss/current/msg03805.html Most of them (excepting the nits) haven't been addressed in the drafts. Regards, Begin forwarded message: > Subject: [OAUTH-WG] Last Call: <draft-ietf-oauth-v2-bearer-15.txt> (The OAuth 2.0 Authorization Protocol: Bearer Tokens) to Proposed Standard > Date: Mon, 23 Jan 2012 07:46:43 -0800 > From: The IESG <iesg-secretary@xxxxxxxx> > Reply-To: ietf@xxxxxxxx > To: IETF-Announce <ietf-announce@xxxxxxxx> > CC: oauth@xxxxxxxx > > > The IESG has received a request from the Web Authorization Protocol WG > (oauth) to consider the following document: > - 'The OAuth 2.0 Authorization Protocol: Bearer Tokens' > <draft-ietf-oauth-v2-bearer-15.txt> as a Proposed Standard > > The IESG plans to make a decision in the next few weeks, and solicits > final comments on this action. Please send substantive comments to the > ietf@xxxxxxxx mailing lists by 2012-02-06. Exceptionally, comments may be > sent to iesg@xxxxxxxx instead. In either case, please retain the > beginning of the Subject line to allow automated sorting. > > Abstract > > > This specification describes how to use bearer tokens in HTTP > requests to access OAuth 2.0 protected resources. Any party in > possession of a bearer token (a "bearer") can use it to get access to > the associated resources (without demonstrating possession of a > cryptographic key). To prevent misuse, bearer tokens need to be > protected from disclosure in storage and in transport. > > > > > The file can be obtained via > http://datatracker.ietf.org/doc/draft-ietf-oauth-v2-bearer/ > > IESG discussion can be tracked via > http://datatracker.ietf.org/doc/draft-ietf-oauth-v2-bearer/ > > > No IPR declarations have been submitted directly on this I-D. > -- Mark Nottingham http://www.mnot.net/ _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf