[OAUTH-WG] [Technical Errata Reported] RFC6749 (5873)

RFC Errata System <rfc-editor@rfc-editor.org> Fri, 11 October 2019 07:13 UTC

To: dick.hardt@gmail.com, rdd@cert.org, kaduk@mit.edu, Hannes.Tschofenig@gmx.net, rifaat.ietf@gmail.com
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: ludwig.seitz@ri.se, oauth@ietf.org, rfc-editor@rfc-editor.org
Message-Id: <20191011071304.861CDB80C94@rfc-editor.org>
Date: Fri, 11 Oct 2019 00:13:04 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/PCViCtNzPubf0J9fKRDy00w3EEc>

The following errata report has been submitted for RFC6749,
"The OAuth 2.0 Authorization Framework".

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid5873

--------------------------------------
Type: Technical
Reported by: Ludwig Seitz <ludwig.seitz@ri.se>

Section: 11.4

Original Text
-------------


Corrected Text
--------------
11.4.2 Initial Registry Contents

The OAuth Extensions Error registry's initial contents are:

o Error name: invalid_request
o Error usage location: authorization code grant error response, implicit grant error response, token error response
o Related protocol extension: authorization code grant, implicit grant, any access token type
o Change controller: IETF
o Specification document(s): RFC 6749

o Error name: unauthorized_client
o Error usage location: authorization code grant error response, implicit grant error response, token error response
o Related protocol extension: authorization code grant, implicit grant, any access token type
o Change controller: IETF
o Specification document(s): RFC 6749

o Error name: access_denied
o Error usage location: authorization code grant error response, implicit grant error response
o Related protocol extension: authorization code grant, implicit grant
o Change controller: IETF
o Specification document(s): RFC 6749

o Error name: unsupported_response_type
o Error usage location: authorization code grant error response, implicit grant error response
o Related protocol extension: authorization code grant, implicit grant
o Change controller: IETF
o Specification document(s): RFC 6749

o Error name: invalid_scope
o Error usage location: authorization code grant error response, implicit grant error response, token error response
o Related protocol extension: authorization code grant, implicit grant, any access token type
o Change controller: IETF
o Specification document(s): RFC 6749

o Error name: server_error
o Error usage location: authorization code grant error response, implicit grant error response
o Related protocol extension: authorization code grant, implicit grant
o Change controller: IETF
o Specification document(s): RFC 6749

o Error name: temporarily_unavailable
o Error usage location: authorization code grant error response, implicit grant error response
o Related protocol extension: authorization code grant, implicit grant
o Change controller: IETF
o Specification document(s): RFC 6749

o Error name: invalid_client
o Error usage location: token error response
o Related protocol extension: any access token type
o Change controller: IETF
o Specification document(s): RFC 6749

o Error name: invalid_grant
o Error usage location: token error response
o Related protocol extension: any access token type
o Change controller: IETF
o Specification document(s): RFC 6749

o Error name: unsupported_grant_type
o Error usage location: token error response
o Related protocol extension: any access token type
o Change controller: IETF
o Specification document(s): RFC 6749

Notes
-----
It seems that the values specified in sections 4.1.2.1., 4.2.2.1. and 5.2. should have been added to the registry but were forgotten.
This erratum suggests "any access token type" for "Related protocol extension" for the error codes of 5.2 since they seem to apply to any errors returned from the token endpoint, no matter which access token type is involved.

Instructions:
-------------
This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party  
can log in to change the status and edit the report, if necessary. 

--------------------------------------
RFC6749 (draft-ietf-oauth-v2-31)
--------------------------------------
Title               : The OAuth 2.0 Authorization Framework
Publication Date    : October 2012
Author(s)           : D. Hardt, Ed.
Category            : PROPOSED STANDARD
Source              : Web Authorization Protocol
Area                : Security
Stream              : IETF
Verifying Party     : IESG
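
Added example (not part of the erratum or of RFC 6749): a client-side check that parses registry entries in the layout used above and classifies the "error" value of an authorization redirect or token response by its registered usage location. The function names, the client.example URLs and the trimmed two-field sample are assumptions made for illustration.

```python
import json
import re
from urllib.parse import urlsplit, parse_qs

# Three entries from the corrected text above, trimmed to the two fields used here.
REGISTRY_TEXT = """\
o Error name: invalid_request
o Error usage location: authorization code grant error response, implicit grant error response, token error response
o Error name: access_denied
o Error usage location: authorization code grant error response, implicit grant error response
o Error name: invalid_client
o Error usage location: token error response
"""

def parse_registry(text):
    """Map each error name to the set of usage locations registered for it."""
    registry, name = {}, None
    for line in text.splitlines():
        m = re.match(r"o (.+?): (.*)", line)
        if not m:
            continue
        field, value = m.groups()
        if field == "Error name":
            name = value.strip()
            registry[name] = set()
        elif field == "Error usage location" and name:
            registry[name].update(v.strip() for v in value.split(","))
    return registry

def classify(error, location, registry):
    """Return 'registered', 'wrong-location' or 'unknown' for an error code."""
    if error not in registry:
        return "unknown"
    return "registered" if location in registry[error] else "wrong-location"

def check_redirect(url, registry, implicit=False):
    """Code grant errors arrive in the query, implicit grant errors in the fragment."""
    parts = urlsplit(url)
    params = parse_qs(parts.fragment if implicit else parts.query)
    error = params.get("error", [None])[0]
    grant = "implicit grant" if implicit else "authorization code grant"
    return error, classify(error, grant + " error response", registry)

def check_token_response(body, registry):
    """Check the error member of a token endpoint JSON error body."""
    error = json.loads(body).get("error")
    return error, classify(error, "token error response", registry)
```

A result other than 'registered' is a value the client should log and handle generically rather than branch on or echo back to the user.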