Releases · oauth-wg/draft-ietf-oauth-resource-metadata · GitHub

03 May 23:35

selfissued

draft-ietf-oauth-resource-metadata-05

draft-ietf-oauth-resource-metadata-05 Latest

Latest

Added SVG diagram

Assets 2

26 Apr 16:20

selfissued

draft-ietf-oauth-resource-metadata-04

draft-ietf-oauth-resource-metadata-04

Address WGLC comments.

Assets 2

01 Feb 12:40

selfissued

draft-ietf-oauth-resource-metadata-03

draft-ietf-oauth-resource-metadata-03

Applied correction by @panva

Contributors

panva

Assets 2

25 Jan 03:05

selfissued

draft-ietf-oauth-resource-metadata-02

draft-ietf-oauth-resource-metadata-02

Switched from concatenating .well-known to the end of the resource identifier to inserting it between the host and path components of it.
Have WWW-Authenticate return resource_metadata rather than resource.

Assets 2

21 Oct 02:29

aaronpk

draft-ietf-oauth-resource-metadata-01

draft-ietf-oauth-resource-metadata-01

Renamed scopes_provided to scopes_supported
Added security consideration for scopes_supported
Use BCP 195 for TLS recommendations
Clarified that resource metadata can be used by clients and authorization servers
Updated references
Added security consideration recommending audience-restricted access tokens
Mention FAPI Message Signing as a use case for publishing signing keys

Assets 2

06 Sep 23:36

selfissued

draft-ietf-oauth-resource-metadata-00

draft-ietf-oauth-resource-metadata-00

draft-ietf-oauth-resource-metadata-00

Assets 2

07 Jul 23:36

aaronpk

draft-jones-oauth-resource-metadata-04

draft-jones-oauth-resource-metadata-04

Merge pull request #1 from selfissued/mbj-www-authenticate

Added WWW-Authenticate functionality from draft-parecki-oauth-authorization-server-discovery-00

Assets 2

07 Jul 19:00

selfissued

draft-jones-oauth-resource-metadata-03

draft-jones-oauth-resource-metadata-03

Aaron Parecki added Security Considerations on Server-Side Request Forgery (SSRF) and Phishing.
Added Aaron Parecki as an author.

Assets 2