Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Identify recommended reading list #2

Open
kadamwhite opened this issue Nov 8, 2019 · 7 comments
Open

Identify recommended reading list #2

kadamwhite opened this issue Nov 8, 2019 · 7 comments
Assignees

Comments

@kadamwhite
Copy link
Contributor

kadamwhite commented Nov 8, 2019

Opening this to capture an action from the weekly chat: We should have a list of resources for familiarizing potential contributors with OAuth2 and JWT, and ideally list out RFCs for technologies which we intend to implement.

I would suggest this can either be a top-level markdown file linked from the README, or a README section of its own.

@dshanske
Copy link

dshanske commented Nov 26, 2019

OAuth 2.0 Security Best Current Practice https://tools.ietf.org/html/draft-ietf-oauth-security-topics-13

@dshanske
Copy link

https://tools.ietf.org/html/rfc8252 OAuth 2.0 for Native Apps

@koke
Copy link

koke commented Nov 27, 2019

OAuth 2.0 Security Best Current Practice https://tools.ietf.org/html/draft-ietf-oauth-security-topics-13

While this draft seems to be on track for publication, let's keep in mind that it's still a draft:

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."

This Internet-Draft will expire on January 9, 2020.

@dshanske
Copy link

@koke This is a recommended reading list. I was adding the documents cited in the other issues as they would be recommended reading for discussion.

@aaronpk
Copy link

aaronpk commented Nov 27, 2019

The Security BCP is in last call, so if you have any comments on the draft this is the time to share it. You're welcome to give it a read and send feedback to the OAuth mailing list.

@aaronpk aaronpk mentioned this issue Dec 6, 2019
@spacedmonkey
Copy link

@spacedmonkey
Copy link

spacedmonkey commented Dec 6, 2019

For those interested in JSON and signing

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

6 participants