[OAUTH-WG] Weekly github digest (OAuth Activity Summary)
Repository Activity Summary Bot <do_not_reply@mnot.net> Sun, 08 February 2026 08:00 UTC
Return-Path: <do_not_reply@mnot.net>
X-Original-To: oauth@mail2.ietf.org
Delivered-To: oauth@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 94B3EB38E592 for <oauth@mail2.ietf.org>; Sun, 8 Feb 2026 00:00:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.397
X-Spam-Level:
X-Spam-Status: No, score=-2.397 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=mnot.net header.b="P+mEBKZ6"; dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=messagingengine.com header.b="kP1SFURu"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GEZQjgnrOpCO for <oauth@mail2.ietf.org>; Sun, 8 Feb 2026 00:00:45 -0800 (PST)
Received: from fhigh-a1-smtp.messagingengine.com (fhigh-a1-smtp.messagingengine.com [103.168.172.152]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256)) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 9DD5BB38DA11 for <oauth@ietf.org>; Sat, 7 Feb 2026 23:59:15 -0800 (PST)
Received: from phl-compute-02.internal (phl-compute-02.internal [10.202.2.42]) by mailfhigh.phl.internal (Postfix) with ESMTP id 87ECA140017E for <oauth@ietf.org>; Sun, 8 Feb 2026 02:59:15 -0500 (EST)
Received: from phl-frontend-03 ([10.202.2.162]) by phl-compute-02.internal (MEProxy); Sun, 08 Feb 2026 02:59:15 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :content-type:content-type:date:from:from:in-reply-to:message-id :mime-version:reply-to:subject:subject:to:to; s=fm1; t= 1770537555; x=1770623955; bh=Y7RU2p0Ae91kqWaArlomrd+QjaOxpU2MPnG rbePPRT8=; b=P+mEBKZ6yxu9PAL5jGTfVxyRXpL3DDwghig15qePqR5Qv8G7DMa 6DjAqgxxjqwtB617nTrrtmMhQkRmAA7T5/ILj//EAf8vHXUMvDUgDgx+RmygKYiN heo5nLVWzvB4x4REFKHPty0uRls5/iuByCbL40ftOMH5nrcFJ2L3MxtIIFWWHThY Ocf/LYp2q2OXiqTkN9k1wCsEVJy2kIRmCi8G5HBLOItWcYN5Kthh0d1XzgLm6cD2 wiao1T1QV7uel+15BBLa0YiD+Ocawu6PhlPgM5w83DYuSE/UT5a579IHYGfs//Ei 68a8pyrO+oB5LqZ4EBLaYQV+vycXt9OpGKA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date :feedback-id:feedback-id:from:from:in-reply-to:message-id :mime-version:reply-to:subject:subject:to:to:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1770537555; x= 1770623955; bh=Y7RU2p0Ae91kqWaArlomrd+QjaOxpU2MPnGrbePPRT8=; b=k P1SFURuZiK8CUx03OmQmTbPS7P5IYujAFiK901F7gYNCbpD2mAnLNJhOH+GpSj/G IGOFl4XxGlJvaQoG9OzfrAXg6EEpRv0rEoikOt4ChvXAWrCqGp6gp/a2D+CllRds PKdOhjhaXJ3v1d/DoDTWEss1GROpb6SqHr5XXMZuy7d/h24wy0QNet0dKs8wJQ7T z4phkqY3XLXzjqk8pd4yQqU5JLUKVseFmPHSPbnpM8lDKy99RormZAyYaMbHnF7e VN1ZoVEEofQ17ixMUEZi2hCrYB2akZ6zk7ltc9z+SCTIwVABJn6ydtnsR/G3j9bn W3KiSEnG0p6RVX1PwJY0g==
X-ME-Sender: <xms:U0KIaWSveU4awRx0PwDhHyalvOXrNXXQirtfuh4zK-U_Gi4CTvQ3Lw> <xme:U0KIaRoXMZiwr49VgQOATp26-zU8zEEdR4hVJpFOKgUt14WCFLO9G8oBxqltJDyjK qLq109m68O9uwx0_gt3SO1lHvHhfhZff4c0BYScJtPoTIJ0fdth>
X-ME-Received: <xmr:U0KIae7-UMhHVW-DQ5B_L6ar4-jUCcvQeUj8Py8_P42qnUSHGzG5dU_aJD6r2-5swWChgAUdu_rO267oR3MSIQT1PfaAJA6JR793rxFEFzQCG2VRHiVcP4A6HWu_-LmwSl0Gwqk>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefgedrtddtgdduleeffeelucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfurfetoffkrfgpnffqhgenuceu rghilhhouhhtmecufedttdenucfpohcuuggrthgvuchfihgvlhguucdlgeelmdenucfjug hrpegtggfhvffusegrtddtredttdejnecuhfhrohhmpeftvghpohhsihhtohhrhicutegt thhivhhithihucfuuhhmmhgrrhihuceuohhtuceoughopghnohhtpghrvghplhihsehmnh hothdrnhgvtheqnecuggftrfgrthhtvghrnhepkeefvdduteejvdefkeehieevuefgfefh teetveegffekffefteffvdelheduieetnecuffhomhgrihhnpehgihhthhhusgdrtghomh enucevlhhushhtvghrufhiiigvpedunecurfgrrhgrmhepmhgrihhlfhhrohhmpeguohgp nhhothgprhgvphhlhiesmhhnohhtrdhnvghtpdhnsggprhgtphhtthhopedupdhmohguvg epshhmthhpohhuthdprhgtphhtthhopehorghuthhhsehivghtfhdrohhrgh
X-ME-Proxy: <xmx:U0KIae1zjh3_LpQ21ALl5o267n7gnSUDeIVvd-4t44Dv-0n6jqgWhA> <xmx:U0KIaTG1bHJQlksYWhsgwilhoNUyFVQf68wEsfyFla4hYMa_Nb72-A> <xmx:U0KIaQSttFLWUh71SaRrQJg2J0egrlf-8OjdLEU2x4ihsDEQE4o6tA> <xmx:U0KIaSA4NCNquUm8aRoL592KX-vYJpM6AwoH0-AovYx8X5rjetI7kQ> <xmx:U0KIaS7y0hwhVtYn1Yk0H0_BzBp9WHeKo3FzKO4XXHLwsQnzDam36yps>
Feedback-ID: i1c3946f2:Fastmail
Message-Id: <1770537555.413302.7E2FF960@outbound.messagingengine.com>
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <oauth@ietf.org>; Sun, 8 Feb 2026 02:59:15 -0500 (EST)
Content-Type: multipart/alternative; boundary="===============7282975770031338684=="
MIME-Version: 1.0
From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: oauth@ietf.org
Date: Sat, 07 Feb 2026 23:59:15 -0800
Message-ID-Hash: YIBTPDWVP575BANVLD3USPX2DMP4TQ25
X-Message-ID-Hash: YIBTPDWVP575BANVLD3USPX2DMP4TQ25
X-MailFrom: do_not_reply@mnot.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [OAUTH-WG] Weekly github digest (OAuth Activity Summary)
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/UsuX28dkg2V39asarhNm6RMZV5g>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>
Events without label "editorial"
Issues
------
* oauth-wg/oauth-identity-chaining (+0/-2/π¬2)
2 issues received 2 new comments:
- #175 Standards Track vs. Informational (1 by bc-pi)
https://github.com/oauth-wg/oauth-identity-chaining/issues/175
- #146 Improve examples in the appendix (1 by bc-pi)
https://github.com/oauth-wg/oauth-identity-chaining/issues/146
2 issues closed:
- Standards Track vs. Informational https://github.com/oauth-wg/oauth-identity-chaining/issues/175
- Improve examples in the appendix https://github.com/oauth-wg/oauth-identity-chaining/issues/146
* oauth-wg/oauth-transaction-tokens (+0/-2/π¬1)
1 issues received 1 new comments:
- #294 Assuring single use by preserving jti from request. (1 by tulshi)
https://github.com/oauth-wg/oauth-transaction-tokens/issues/294 [WGLC Feedback]
2 issues closed:
- Privacy consideration and obfuscation aspects https://github.com/oauth-wg/oauth-transaction-tokens/issues/290 [WGLC Feedback]
- Assuring single use by preserving jti from request. https://github.com/oauth-wg/oauth-transaction-tokens/issues/294 [WGLC Feedback]
* oauth-wg/oauth-sd-jwt-vc (+0/-1/π¬5)
1 issues received 5 new comments:
- #378 Nat's SD-JWT-VC-13 Review (5 by bc-pi)
https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/378
1 issues closed:
- Dan's SD-JWT-VC-13 Review https://github.com/oauth-wg/oauth-sd-jwt-vc/issues/382 [HAS PR]
* oauth-wg/oauth-identity-assertion-authz-grant (+0/-0/π¬2)
1 issues received 2 new comments:
- #73 Proposal: Workload/Agent Identity SSO and Explicit Delegated βOn-Behalf-Ofβ Access (2 by alperdedeoglu, dschenkelman)
https://github.com/oauth-wg/oauth-identity-assertion-authz-grant/issues/73
* oauth-wg/draft-ietf-oauth-client-id-metadata-document (+1/-1/π¬8)
1 issues created:
- Clarify jwks vs jwks_uri support (by yissellokta)
https://github.com/oauth-wg/draft-ietf-oauth-client-id-metadata-document/issues/61
2 issues received 8 new comments:
- #61 Clarify jwks vs jwks_uri support (7 by ThisIsMissEm, aaronpk, btiernay, panva)
https://github.com/oauth-wg/draft-ietf-oauth-client-id-metadata-document/issues/61
- #26 Using `client_url` instead of `client_id` in authorize request (1 by aaronpk)
https://github.com/oauth-wg/draft-ietf-oauth-client-id-metadata-document/issues/26
1 issues closed:
- Using `client_url` instead of `client_id` in authorize request https://github.com/oauth-wg/draft-ietf-oauth-client-id-metadata-document/issues/26
Pull requests
-------------
* oauth-wg/oauth-identity-chaining (+3/-0/π¬0)
3 pull requests submitted:
- (by gffletch)
- (by PieterKas)
- (by bc-pi)
* oauth-wg/oauth-transaction-tokens (+1/-0/π¬0)
1 pull requests submitted:
- (by PieterKas)
* oauth-wg/oauth-sd-jwt-vc (+2/-0/π¬1)
2 pull requests submitted:
- (by bc-pi)
- (by bc-pi)
1 pull requests received 1 new comments:
- #390 Address Dan's review (1 by awoie)
https://github.com/oauth-wg/oauth-sd-jwt-vc/pull/390
* oauth-wg/draft-ietf-oauth-rfc7523bis (+0/-0/π¬14)
1 pull requests received 14 new comments:
- #24 tradeoffs between using issuer and specific endpoint urls (14 by AxelNennker, bc-pi, selfissued)
https://github.com/oauth-wg/draft-ietf-oauth-rfc7523bis/pull/24
* oauth-wg/draft-ietf-oauth-client-id-metadata-document (+1/-0/π¬2)
1 pull requests submitted:
- (by aaronpk)
2 pull requests received 2 new comments:
- #60 Add security consideration for changes in Client Metadata (1 by ThisIsMissEm)
https://github.com/oauth-wg/draft-ietf-oauth-client-id-metadata-document/pull/60
- #47 Add security consideration for changes in Client Metadata (1 by aaronpk)
https://github.com/oauth-wg/draft-ietf-oauth-client-id-metadata-document/pull/47
Repositories tracked by this digest:
-----------------------------------
* https://github.com/oauth-wg/oauth-browser-based-apps
* https://github.com/oauth-wg/oauth-identity-chaining
* https://github.com/oauth-wg/oauth-transaction-tokens
* https://github.com/oauth-wg/oauth-sd-jwt-vc
* https://github.com/oauth-wg/draft-ietf-oauth-resource-metadata
* https://github.com/oauth-wg/oauth-cross-device-security
* https://github.com/oauth-wg/oauth-selective-disclosure-jwt
* https://github.com/oauth-wg/oauth-v2-1
* https://github.com/oauth-wg/draft-ietf-oauth-status-list
* https://github.com/oauth-wg/draft-ietf-oauth-attestation-based-client-auth
* https://github.com/oauth-wg/oauth-identity-assertion-authz-grant
* https://github.com/oauth-wg/draft-ietf-oauth-rfc8725bis
* https://github.com/oauth-wg/draft-ietf-oauth-rfc7523bis
* https://github.com/oauth-wg/oauth-first-party-apps
* https://github.com/oauth-wg/draft-ietf-oauth-client-id-metadata-document
--
To have a summary like this sent to your list, see: https://github.com/ietf-github-services/activity-summary
- [OAUTH-WG] Weekly github digest (OAuth Activity S⦠Repository Activity Summary Bot