Reviewer: Shwetha Bhandari

Review result: Ready

 

I have reviewed this document as part of the Operational directorate's ongoing

effort to review all IETF documents being processed by the IESG.  These

comments were written with the intent of improving the operational aspects of

the IETF drafts. Comments that are not addressed in last call may be included

in AD reviews during the IESG review.  Document editors and WG chairs should

treat these comments just like any other last call comments.

 

Summary:

This specification defines a metadata format that an OAuth 2.0 client can use to obtain the information needed to interact with an OAuth 2.0 authorization server. The process of deploying authorization server metadata and discovering its location is out of scope of this specification. The specification establishes and populates IANA registry for authorization server metadata names. It also registers URI suffix “oauth-authorization-server” in the IANA "Well-Known URIs" registry without mandating applications to use only this suffix to publish authorization server metadata.
 

There is no operational considerations or manageability section in the document.

I don’t see any operational, network management or security management concerns with this document.

 

Thanks,

Shwetha