Last Call Review of draft-ietf-oauth-token-exchange-14

Request Review of draft-ietf-oauth-token-exchange
Requested rev. no specific revision (document currently at 16)
Type Last Call Review
Team Ops Directorate (opsdir)
Deadline 2018-08-06
Requested 2018-07-23
Other Reviews Genart Last Call review of -14 by Jari Arkko (diff)
Secdir Last Call review of -14 by Hilarie Orman (diff)
Review State Completed
Reviewer Zitao Wang
Review review-ietf-oauth-token-exchange-14-opsdir-lc-wang-2018-07-31
Posted at
Reviewed rev. 14 (document currently at 16)
Review result Ready
Draft last updated 2018-07-31
Review completed: 2018-07-31


I have reviewed this document as part of the Operational directorate’s ongoing effort to review all IETF documents being processed by the IESG.  These comments were written with the intent of improving the operational aspects of the IETF drafts. Comments that are not addressed in last call may be included in AD reviews during the IESG review.  Document editors and WG chairs should treat these comments just like any other last call comments.

Document reviewed: draft-ietf-oauth-token-exchange-14


This specification defines a protocol for an HTTP- and JSON- based  Security Token Service (STS) by defining how to request and obtain  security tokens from OAuth 2.0 authorization servers, including security tokens employing impersonation and delegation.