[OAUTH-WG] [Editorial Errata Reported] RFC6819 (5965)

RFC Errata System <rfc-editor@rfc-editor.org> Thu, 23 January 2020 16:14 UTC

Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 6EEC21208AD for <oauth@ietfa.amsl.com>; Thu, 23 Jan 2020 08:14:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 6ty7ZTbfqyE4 for <oauth@ietfa.amsl.com>; Thu, 23 Jan 2020 08:14:20 -0800 (PST)
Received: from rfc-editor.org (rfc-editor.org []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9D0F01208AC for <oauth@ietf.org>; Thu, 23 Jan 2020 08:14:19 -0800 (PST)
Received: by rfc-editor.org (Postfix, from userid 30) id 7DC10F406CD; Thu, 23 Jan 2020 08:14:09 -0800 (PST)
To: torsten@lodderstedt.net, mark.mcgloin@ie.ibm.com, phil.hunt@yahoo.com, rdd@cert.org, kaduk@mit.edu, Hannes.Tschofenig@gmx.net, rifaat.ietf@gmail.com
X-PHP-Originating-Script: 30:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: david.piggott@disneystreaming.com, oauth@ietf.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset=UTF-8
Message-Id: <20200123161409.7DC10F406CD@rfc-editor.org>
Date: Thu, 23 Jan 2020 08:14:09 -0800 (PST)
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/qH69LjXuPQuq-IRX8qN6BrD28Zk>
Subject: [OAUTH-WG] [Editorial Errata Reported] RFC6819 (5965)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Jan 2020 16:14:25 -0000

The following errata report has been submitted for RFC6819,
"OAuth 2.0 Threat Model and Security Considerations".

You may review the report below and at:

Type: Editorial
Reported by: David Piggott <david.piggott@disneystreaming.com>


Original Text
Store access token hashes only (Section

Corrected Text
Store authorization code hashes only (Section


This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party  
can log in to change the status and edit the report, if necessary. 

RFC6819 (draft-ietf-oauth-v2-threatmodel-08)
Title               : OAuth 2.0 Threat Model and Security Considerations
Publication Date    : January 2013
Author(s)           : T. Lodderstedt, Ed., M. McGloin, P. Hunt
Category            : INFORMATIONAL
Source              : Web Authorization Protocol
Area                : Security
Stream              : IETF
Verifying Party     : IESG