RFC Errata
Found 2 records.
Status: Verified (1)
RFC 7662, "OAuth 2.0 Token Introspection", October 2015
Source of RFC: oauth (sec)
Errata ID: 4764
Status: Verified
Type: Editorial
Publication Format(s) : TEXT
Reported By: Brian Campbell
Date Reported: 2016-08-04
Verifier Name: Roman Danyliw
Date Verified: 2024-01-17
Section 3.1 says:
OAuth registration client metadata names and descriptions are registered by
It should say:
OAuth token introspection response parameters are registered by
Notes:
The original text erroneously mentions registration of client metadata names, however, this RFC 7662 is about about token introspection and this section is about registration of token introspection response parameters (client metadata name registration is RFC 7591).
Status: Reported (1)
RFC 7662, "OAuth 2.0 Token Introspection", October 2015
Source of RFC: oauth (sec)
Errata ID: 7607
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Fulong Sun
Date Reported: 2023-08-17
Section 2.2 says:
a given token has been issued by this authorization server, has not been revoked by the resource owner, and is within its given time window of validity
It should say:
a given token has been issued by this authorization server, has not been revoked by the resource owner or client, and is within its given time window of validity
Notes:
RFC 7009 defined a given token can be revoke by client, so should write client here.