RFC Errata
RFC 9200, "Authentication and Authorization for Constrained Environments Using the OAuth 2.0 Framework (ACE-OAuth)", August 2022
Source of RFC: ace (sec)
Errata ID: 8236
Status: Reported
Type: Technical
Publication Format(s) : HTML
Reported By: Marco Tiloca
Date Reported: 2025-01-03
Section F.2 says:
The AS provides the introspection response (2.05 Content) containing
parameters about the token.
...
| | |
| E: |<---------+ Header: 2.05 Content
| | 2.05 | Content-Format: application/ace+cbor
| | | Payload: <Response-Payload>
| | |
...
It should say:
The AS provides the introspection response (2.01 Created) containing
parameters about the token.
...
| | |
| E: |<---------+ Header: 2.01 Created
| | 2.01 | Content-Format: application/ace+cbor
| | | Payload: <Response-Payload>
| | |
...
Notes:
The quoted text and the example in Figure 18 consider a response with CoAP response code 2.05 (Content). However, as defined in Section 5.9.2, a successful response from the /introspect endpoint has CoAP response code 2.01 (Created).
Moreover, 2.05 (Content) is not a valid CoAP response code for a response to a POST request, see Section 10.1.4 of RFC 7252.