Mike Jones
2016-11-14 07:27:17 UTC
Draft -04 of the Authentication Method Reference Values specification addresses comments by our security area director Kathleen Moriarty. Changes were:
· Added amr claim examples with both single and multiple values.
· Clarified that the actual credentials referenced are not part of this specification to avoid additional privacy concerns for biometric data.
· Clarified that the OAuth 2.0 Threat Model [RFC6819] applies to applications using this specification.
The specification is available at:
· http://tools.ietf.org/html/draft-ietf-oauth-amr-values-04
An HTML-formatted version is also available at:
· http://self-issued.info/docs/draft-ietf-oauth-amr-values-04.html
-- Mike
P.S. This notice was also posted at http://self-issued.info/?p=1617 and as @selfissued<https://twitter.com/selfissued>.
· Added amr claim examples with both single and multiple values.
· Clarified that the actual credentials referenced are not part of this specification to avoid additional privacy concerns for biometric data.
· Clarified that the OAuth 2.0 Threat Model [RFC6819] applies to applications using this specification.
The specification is available at:
· http://tools.ietf.org/html/draft-ietf-oauth-amr-values-04
An HTML-formatted version is also available at:
· http://self-issued.info/docs/draft-ietf-oauth-amr-values-04.html
-- Mike
P.S. This notice was also posted at http://self-issued.info/?p=1617 and as @selfissued<https://twitter.com/selfissued>.