RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 2 records.

Status: Verified (1)

RFC 7662, "OAuth 2.0 Token Introspection", October 2015

Source of RFC: oauth (sec)

Errata ID: 4764
Status: Verified
Type: Editorial
Publication Format(s) : TEXT

Reported By: Brian Campbell
Date Reported: 2016-08-04
Verifier Name: Roman Danyliw
Date Verified: 2024-01-17

Section 3.1 says:

OAuth registration client metadata names and descriptions are
registered by

It should say:

OAuth token introspection response parameters are registered by

Notes:

The original text erroneously mentions registration of client metadata names, however, this RFC 7662 is about about token introspection and this section is about registration of token introspection response parameters (client metadata name registration is RFC 7591).

Status: Reported (1)

RFC 7662, "OAuth 2.0 Token Introspection", October 2015

Source of RFC: oauth (sec)

Errata ID: 7607
Status: Reported
Type: Technical
Publication Format(s) : TEXT

Reported By: Fulong Sun
Date Reported: 2023-08-17

Section 2.2 says:

a given token has been issued by this authorization server, has not been revoked by the resource owner, and is within its given time window of validity

It should say:

a given token has been issued by this authorization server, has not been revoked by the resource owner or client, and is within its given time window of validity

Notes:

RFC 7009 defined a given token can be revoke by client, so should write client here.

Report New Errata



Advanced Search