informative vs normative references

Issue #201 resolved

Joseph Heenan created an issue 2021-05-19

RFC6749, RFC8414 and RFC7591 are listed as informative references.

I wonder if they should be normative. I found guidance at https://www.ietf.org/about/groups/iesg/statements/normative-informative-references/ that would suggest at least 6749 should be normative I think.

Comments (7)

Joseph Heenan reporter
This arose in the context of a discussion of the certifications tests, which optionally use DCR in the FAPI-CIBA tests, and whether redirect_uris is required (as per https://openid.net/specs/openid-connect-registration-1_0.html#ClientRegistration ) or optional (as per https://datatracker.ietf.org/doc/html/rfc7591#section-2).

I’m tempted to go with ‘optional’ as per RFC7591 but other opinions welcome.
- 2021-05-19T15:28:34+00:00
Brian Campbell
Yeah, RFC6749 should be normative at least. In a way it kind of is as a transitive normative reference from OIDC core (same with RFC7231 really). But I digress, RFC6749 should just move to normative.

RFC8414 and RFC7591 are less obvious (to me anyway) but I’m inclined to leave them informative.
- 2021-05-19T21:37:35+00:00
Brian Campbell
In the context of the context of the discussion from which this arose, IMHO RFC7591 and not requiring redirect_uris in cases where a redirect_uri won’t be used and isn't needed is the way to go.

‌
- 2021-05-19T21:42:44+00:00
Brian Campbell
PR #14 moves the RFC6749 reference to normative
- 2021-05-19T22:35:49+00:00
Brian Campbell
0d23754 moves the RFC6749 reference to normative in main and fixes some other tooling problems resolving references
- 2021-05-24T21:59:58+00:00
Bjorn Hjelm
- assigned issue to
  
  Dave Tonge
- 2021-05-25T14:24:30+00:00
Dave Tonge
- changed status to resolved
issue fixed
- 2021-05-25T14:28:38+00:00
Log in to comment