[OAUTH-WG] [Technical Errata Reported] RFC9470 (7951)
RFC Errata System <rfc-editor@rfc-editor.org> Wed, 22 May 2024 18:30 UTC
Return-Path: <wwwrun@rfcpa.rfc-editor.org>
X-Original-To: oauth@ietf.org
Delivered-To: oauth@ietfa.amsl.com
Received: from rfcpa.rfc-editor.org (unknown [167.172.21.234]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 83C6FC14F5FF; Wed, 22 May 2024 11:30:55 -0700 (PDT)
Received: by rfcpa.rfc-editor.org (Postfix, from userid 461) id DCCFEC000063; Wed, 22 May 2024 11:30:54 -0700 (PDT)
To: vittorio@auth0.com, bcampbell@pingidentity.com, debcooley1@gmail.com, paul.wouters@aiven.io, hannes.tschofenig@arm.com, rifaat.s.ietf@gmail.com
From: RFC Errata System <rfc-editor@rfc-editor.org>
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20240522183054.DCCFEC000063@rfcpa.rfc-editor.org>
Date: Wed, 22 May 2024 11:30:54 -0700
Message-ID-Hash: FUNV6IUR2YXINUGDE2UCZQCRRHKXN7X3
X-Message-ID-Hash: FUNV6IUR2YXINUGDE2UCZQCRRHKXN7X3
X-MailFrom: wwwrun@rfcpa.rfc-editor.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: tomasz.kuczynski@man.poznan.pl, oauth@ietf.org, rfc-editor@rfc-editor.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [OAUTH-WG] [Technical Errata Reported] RFC9470 (7951)
List-Id: OAUTH WG <oauth.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>
The following errata report has been submitted for RFC9470, "OAuth 2.0 Step Up Authentication Challenge Protocol". -------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid7951 -------------------------------------- Type: Technical Reported by: Tomasz Kuczyński <tomasz.kuczynski@man.poznan.pl> Section: 6.2 Original Text ------------- "exp": 1639528912, "iat": 1618354090, "auth_time": 1646340198, Corrected Text -------------- "exp": 1639528912, "iat": 1618354090, "auth_time": 1618354090, Notes ----- I noticed a small inconsistency in the example "Figure 7: Introspection Response". It seems that the time for the user-authentication event should be less than or equal to the time of token issuance to ensure logical coherence. Instructions: ------------- This erratum is currently posted as "Reported". (If it is spam, it will be removed shortly by the RFC Production Center.) Please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party will log in to change the status and edit the report, if necessary. -------------------------------------- RFC9470 (draft-ietf-oauth-step-up-authn-challenge-17) -------------------------------------- Title : OAuth 2.0 Step Up Authentication Challenge Protocol Publication Date : September 2023 Author(s) : V. Bertocci, B. Campbell Category : PROPOSED STANDARD Source : Web Authorization Protocol Stream : IETF Verifying Party : IESG
- [OAUTH-WG] [Technical Errata Reported] RFC9470 (7… RFC Errata System
- [OAUTH-WG] Re: [Technical Errata Reported] RFC947… Justin Richer
- [OAUTH-WG] Re: [Technical Errata Reported] RFC947… Tomasz Kuczyński
- [OAUTH-WG] Re: [Technical Errata Reported] RFC947… Brian Campbell
- [OAUTH-WG] Re: [Technical Errata Reported] RFC947… Tomasz Kuczyński
- [OAUTH-WG] Re: [Technical Errata Reported] RFC947… Brian Campbell