Re: [OAUTH-WG] Last Call: <draft-ietf-oauth-v2-23.txt> (The OAuth 2.0 Authorization Protocol) to Proposed Standard

Barry Leiba <barryleiba@computer.org> Mon, 23 January 2012 18:31 UTC

Return-Path: <barryleiba.mailing.lists@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E52321F84C9; Mon, 23 Jan 2012 10:31:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.876
X-Spam-Level:
X-Spam-Status: No, score=-102.876 tagged_above=-999 required=5 tests=[AWL=0.101, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ROn-nhPcIlJ0; Mon, 23 Jan 2012 10:31:57 -0800 (PST)
Received: from mail-yx0-f172.google.com (mail-yx0-f172.google.com [209.85.213.172]) by ietfa.amsl.com (Postfix) with ESMTP id 2B36D21F84A1; Mon, 23 Jan 2012 10:31:56 -0800 (PST)
Received: by yenm3 with SMTP id m3so1500821yen.31 for <multiple recipients>; Mon, 23 Jan 2012 10:31:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=rxBfFtbQLKSr67GTCam3tv6BZbEUZOKBn0oEndnGj8w=; b=uA5cPh+FLrbZc8PGMRb81QjP/7oSgw55bBwE66quLaYFdtl91Aaa3A+MkT/o/xpYcn YKeucT3Jks/XDaI0iAQQIARPpnT6B7XFQErrWpvE8b6k0zMYuf1WwgEeY6A7A3cAmehM ZKDMiowPMglkf0KQKoQF2DPEP2G6Nr8jiUO0Y=
MIME-Version: 1.0
Received: by 10.236.139.193 with SMTP id c41mr13056450yhj.24.1327343516549; Mon, 23 Jan 2012 10:31:56 -0800 (PST)
Sender: barryleiba.mailing.lists@gmail.com
Received: by 10.146.136.20 with HTTP; Mon, 23 Jan 2012 10:31:56 -0800 (PST)
In-Reply-To: <20120123154409.15089.51253.idtracker@ietfa.amsl.com>
References: <20120123154409.15089.51253.idtracker@ietfa.amsl.com>
Date: Mon, 23 Jan 2012 13:31:56 -0500
X-Google-Sender-Auth: 0KHqhPT1FcIgtmj5WU_4h9C_LiM
Message-ID: <CAC4RtVCSBae04fHDwTA2RZN=mTu-5wg4DsQzyoyOWuAdPNwN1Q@mail.gmail.com>
From: Barry Leiba <barryleiba@computer.org>
To: ietf@ietf.org
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] Last Call: <draft-ietf-oauth-v2-23.txt> (The OAuth 2.0 Authorization Protocol) to Proposed Standard
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Jan 2012 18:31:58 -0000

> The IESG has received a request from the Web Authorization Protocol WG
> (oauth) to consider the following document:
> - 'The OAuth 2.0 Authorization Protocol'
>  <draft-ietf-oauth-v2-23.txt> as a Proposed Standard

There are some downrefs in this document that need to be called out in
the Last Call notice, which weren't.

* There is a normative reference to RFC 1750, which will be updated to
point to RFC 4086 before publication.

* There is a normative reference to RFC 2246 (TLS 1.0), which has been
obsoleted by RFC 4346 (TLS 1.1).  The document uses this reference to
note that TLS 1.0 is, at this writing, the most widely deployed
version.  The working group believes it is necessary to note that, and
that the reference be normative.

* There is a normative reference to Informational RFC 2818 (HTTP over TLS).

* There is a normative reference to Informational RFC 4627
(application/json Media Type).

* There is a normative reference to Informational RFC 4949 (Internet
Security Glossary).  This is an allowed downref.

Barry, document shepherd