1. Nat Sakimura Avatar Nat Sakimura
  2. Untitled project
  3. oauth-jwsreq
  4. Issues

Mike's Comment (NITS)

Issue #6 resolved
Nat Sakimura repo owner created an issue

Section 1, bullet 3: In "The authorization server then examines the signature and show the conformance status to the end-user, who would have some assurance as to the legitimacy of the request when authorizing it", change "show" to "shows".

Section 1, second bullet 3: This is currently a run-on sentence, and needs to be split into two sentences: "The request_uri may include a SHA-256 hash of the file, as defined in FIPS180-2 [FIPS180-2], the server knows if the file has changed without fetching it, so it does not have to re-fetch a same file, which is a win as well."

Section 1, second bullet 4: This sentence is missing a verb: " When the client wants to simplify the implementation without compromising the security."

Section 1, second bullet 4: Change "they may be tampered in the browser" to "they may be tampered with in the browser".

Section 1, second bullet 4: Change "This implies we need to have signature on the request as well" to "This implies we need to have a signature on the request as well".

Section 1, second bullet 4: Change "tampered" to "tampered with".

Section 3, paragraph 1: Change "JWT [RFC7519] Claims Set" to "JWT Claims Set [RFC7519]".

Section 3, paragraph 4: Change "REQUIRED OAuth 2.0 Authorization Request parameters that are not included in the Request Object MUST be sent as a query parameter" to "REQUIRED OAuth 2.0 Authorization Request parameters that are not included in the Request Object MUST be sent as query parameters".

Section 3, paragraph 4: Change "If a required parameter is not present in neither the query parameter nor the Request Object, it forms a malformed request" to "If a required parameter is not present in either as a query parameter or in the Request Object, the request is malformed".

Section 3, paragraph 6: Change "the values in the Request Object takes precedence" to "the values in the Request Object take precedence".

Section 3, paragraph 6: Change "it cannot include such parameters like "state" that is expected to differ in every request" to "it cannot include parameters such as "state" that are expected to differ in every request".

Section 4, paragraph 6: Delete "(line breaks are for display purposes only)" since there are no extra line breaks in the example.

Comments (2)

  1. Nat Sakimura reporter

    Section 1, bullet 3: In "The authorization server then examines the signature and show the conformance status to the end-user, who would have some assurance as to the legitimacy of the request when authorizing it", change "show" to "shows".

    accept.

    Section 1, second bullet 3: This is currently a run-on sentence, and needs to be split into two sentences: "The request_uri may include a SHA-256 hash of the file, as defined in FIPS180-2 [FIPS180-2], the server knows if the file has changed without fetching it, so it does not have to re-fetch a same file, which is a win as well."

    superseded by #2

    Section 1, second bullet 4: This sentence is missing a verb: " When the client wants to simplify the implementation without compromising the security."

    superseded by #2.

    Section 1, second bullet 4: Change "they may be tampered in the browser" to "they may be tampered with in the browser".

    superseded by #2.

    Section 1, second bullet 4: Change "This implies we need to have signature on the request as well" to "This implies we need to have a signature on the request as well".

    superseded by #2.

    Section 1, second bullet 4: Change "tampered" to "tampered with".

    superseded by #2.

    Section 3, paragraph 1: Change "JWT [RFC7519] Claims Set" to "JWT Claims Set [RFC7519]".

    accept.

    Section 3, paragraph 4: Change "REQUIRED OAuth 2.0 Authorization Request parameters that are not included in the Request Object MUST be sent as a query parameter" to "REQUIRED OAuth 2.0 Authorization Request parameters that are not included in the Request Object MUST be sent as query parameters".

    accept.

    Section 3, paragraph 4: Change "If a required parameter is not present in neither the query parameter nor the Request Object, it forms a malformed request" to "If a required parameter is not present in either as a query parameter or in the Request Object, the request is malformed".

    accept.

    Section 3, paragraph 6: Change "the values in the Request Object takes precedence" to "the values in the Request Object take precedence".

    accept.

    Section 3, paragraph 6: Change "it cannot include such parameters like "state" that is expected to differ in every request" to "it cannot include parameters such as "state" that are expected to differ in every request".

    accept.

    Section 4, paragraph 6: Delete "(line breaks are for display purposes only)" since there are no extra line breaks in the example.

    accept.

  3. Log in to comment
Assignee
Type
bug
Priority
minor
Status
resolved
Votes
0
Watchers
0
Jira: the preferred issue tracker for Bitbucket. Join the team!