[OAUTH-WG] I-D Action: draft-ietf-oauth-token-exchange-09.txt

Brian Campbell

2017-07-03 14:54:32 UTC

Draft -09 of OAuth 2.0 Token Exchange
<https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-09> has been
published with the following relatively minor changes resulting from
working group last call feedback.

-09

o Changed "security tokens obtained could be used in a number of
contexts" to "security tokens obtained may be used in a number of
contexts" per a WGLC suggestion.
o Clarified that the validity of the subject or actor token have no
impact on the validity of the issued token after the exchange has
occurred per a WGLC comment.
o Changed use of invalid_target error code to a SHOULD per a WGLC
comment.
o Clarified text about non-identity claims within the "act" claim
being meaningless per a WGLC comment.
o Added brief Privacy Considerations section per WGLC comments.

---------- Forwarded message ----------
From: <internet-***@ietf.org>
Date: Mon, Jul 3, 2017 at 8:48 AM
Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-token-exchange-09.txt
To: i-d-***@ietf.org
Cc: ***@ietf.org

A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Web Authorization Protocol of the IETF.

Title : OAuth 2.0 Token Exchange
Authors : Michael B. Jones
Anthony Nadalin
Brian Campbell
John Bradley
Chuck Mortimore
Filename : draft-ietf-oauth-token-exchange-09.txt
Pages : 31
Date : 2017-07-03

Abstract:
This specification defines a protocol for an HTTP- and JSON- based
Security Token Service (STS) by defining how to request and obtain
security tokens from OAuth 2.0 authorization servers, including
security tokens employing impersonation and delegation.

The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-token-exchange/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-09
https://datatracker.ietf.org/doc/html/draft-ietf-oauth-token-exchange-09

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-token-exchange-09

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
OAuth mailing list
***@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

--
*CONFIDENTIALITY NOTICE: This email may contain confidential and privileged
material for the sole use of the intended recipient(s). Any review, use,
distribution or disclosure by others is strictly prohibited. If you have
received this communication in error, please notify the sender immediately
by e-mail and delete the message and any file attachments from your
computer. Thank you.*