[OAUTH-WG] Opsdir last call review of draft-ietf-oauth-token-exchange-14
Zitao Wang <wangzitao@huawei.com> Wed, 01 August 2018 06:21 UTC
Return-Path: <wangzitao@huawei.com>
X-Original-To: oauth@ietf.org
Delivered-To: oauth@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 53D3C130FB2; Tue, 31 Jul 2018 23:21:10 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Zitao Wang <wangzitao@huawei.com>
To: ops-dir@ietf.org
Cc: draft-ietf-oauth-token-exchange.all@ietf.org, ietf@ietf.org, oauth@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.83.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <153310447029.3248.454015280311920642@ietfa.amsl.com>
Date: Tue, 31 Jul 2018 23:21:10 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/FUQOjzl50xBXKRNYlgRM8s4DXBA>
Subject: [OAUTH-WG] Opsdir last call review of draft-ietf-oauth-token-exchange-14
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.27
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Aug 2018 06:21:10 -0000
Reviewer: Zitao Wang Review result: Ready I have reviewed this document as part of the Operational directorate’s ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving the operational aspects of the IETF drafts. Comments that are not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments. Document reviewed: draft-ietf-oauth-token-exchange-14 Summary: This specification defines a protocol for an HTTP- and JSON- based Security Token Service (STS) by defining how to request and obtain security tokens from OAuth 2.0 authorization servers, including security tokens employing impersonation and delegation.