I reviewed the draft "Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants" (draft-ietf-oauth-assertions-17.txt) for its operational impact. 




 




Summary: The document specifies a framework for the use of assertions with OAuth 2.0 in the form of a new client authentication mechanism and a new authorization grant type.  Mechanisms specified are for transporting assertions during
interactions with a token endpoint, as well as general processing rules.




 




Intended status: Standards Track




Current status:  IESG Evaluation




    IANA Review State: IANA - Not OK




    IANA Action State: None 




 




 




No specific management aspects have been discussed. I think the document does not create any operational or network management issues. 




 




There is an Outdated reference: 




  A later version (-20) exists of draft-ietf-oauth-dyn-reg-16




 




Mehmet