[OAUTH-WG] draft-ietf-oauth-assertions WGLC comment II

Brian Campbell <bcampbell@pingidentity.com> Mon, 23 April 2012 12:58 UTC

Return-Path: <bcampbell@pingidentity.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E552D21F84E4 for <oauth@ietfa.amsl.com>; Mon, 23 Apr 2012 05:58:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.959
X-Spam-Level:
X-Spam-Status: No, score=-5.959 tagged_above=-999 required=5 tests=[AWL=0.017, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J8iH8St1jLEi for <oauth@ietfa.amsl.com>; Mon, 23 Apr 2012 05:58:38 -0700 (PDT)
Received: from na3sys009aog121.obsmtp.com (na3sys009aog121.obsmtp.com [74.125.149.145]) by ietfa.amsl.com (Postfix) with ESMTP id 0763D21F849B for <oauth@ietf.org>; Mon, 23 Apr 2012 05:58:37 -0700 (PDT)
Received: from mail-vb0-f50.google.com ([209.85.212.50]) (using TLSv1) by na3sys009aob121.postini.com ([74.125.148.12]) with SMTP ID DSNKT5VR/ZAeNGFjkS6+q7cbLh8EVY5+Feap@postini.com; Mon, 23 Apr 2012 05:58:38 PDT
Received: by vbnl22 with SMTP id l22so11812378vbn.37 for <oauth@ietf.org>; Mon, 23 Apr 2012 05:58:36 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:from:date:message-id:subject:to:content-type :x-gm-message-state; bh=3hP75BqQ6q7PJugUEJ9YMOA1R40S68WtGz8LPGVglcE=; b=B1MN2ri7nkedHgmQXoKpNc6EVxhe/pnA/2e/iZlcTqjK4op0qcdNgMYPqtVRkA+fxz z0yf13WUDaxoxXWkdbXxxYlI81VcSSOg5y4TMr0hu/7vY1kO/5K6K0vrTSzydkrZ8SrA OYs23MZlAz+o92AUmsw22pD7X+uwl67Sugg6OvEsHqO6+qBiXQ7DNgoTF7+W4PSqjKY4 zuaQVdu1lLJEfd8c8upyWF2soJeGDNEZQ3FGO8Bf5O9JMiwqeWIwyuHeKJfjnnt0JERL q/bqu0HQg7bcq8cG14VXrT5Q33mheOwscjqs65I8xkflcsI9s/04rfdLYu93hfi9ENU2 5ETw==
Received: by 10.52.65.170 with SMTP id y10mr8634938vds.48.1335185916854; Mon, 23 Apr 2012 05:58:36 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.52.38.104 with HTTP; Mon, 23 Apr 2012 05:58:06 -0700 (PDT)
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Mon, 23 Apr 2012 06:58:06 -0600
Message-ID: <CA+k3eCR3ZD5k0w1-4xyT3R2qniP-+NEeQnV_Qb+44XividcnBg@mail.gmail.com>
To: oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary=20cf307f3af248811c04be5832b6
X-Gm-Message-State: ALoCoQnaAT/18+c8qRcjbOkMNyZly+yK10INXTjdXO+HZL3LRvEN7BAPTS2xT/mwGUE5JQJVpkCY
Subject: [OAUTH-WG] draft-ietf-oauth-assertions WGLC comment II
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Apr 2012 12:58:39 -0000

The third paragraph of §4.1* has, "The following section defines the use of
assertions as client credentials as an extension of Section
3.2<http://tools.ietf.org/html/draft-ietf-oauth-assertions-01#section-3.2>of
OAuth 2.0 [
I-D.ietf.oauth-v2<http://tools.ietf.org/html/draft-ietf-oauth-assertions-01#ref-I-D.ietf.oauth-v2>]."
However the Section 3.2 link is to #section-3.2 in the assertions document
(which doesn't exist and is the wrong document) rather than to the core
OAuth document.

I think it should probably reference §2.3 (rather than 3.2) of oauth-v2**
and the link should be fixed or removed.



* http://tools.ietf.org/html/draft-ietf-oauth-assertions-01#section-4.1
** http://tools.ietf.org/html/draft-ietf-oauth-v2-25#section-2.3