RFC7662 is mentioned twice in RFCs references list in Authentication and Authorization Concept for Service APIs

[gregory1g]

Problem description In the RFCs references list RFC7662 is mentioned twice in https://github.com/camaraproject/IdentityAndConsentManagement/blob/main/documentation/CAMARA-AuthN-AuthZ-Concept.md Expected action Second reference to the same document to be removed.

Additional context

RFCs

• OAuth 2 Authorization Framework, RFC 6749
• OAuth 2 Bearer Token Usage, RFC 6750
• OAuth 2 Token Revokation, RFC 7009
• OAuth 2 Token Introspection RFC 7662 <-------- first
• JSON Web Algorithms (JWA), RFC 7518
• JSON Web Signature (JWS), RFC 7515
• JSON Web Token (JWT), RFC 7519
• OAuth 2 Assertion, RFC 7521
• OAuth 2 Token Introspection RFC 7662 <------- second
• OAuth 2 Security Assertion Markup Language, RFC 7522
• OAuth 2 Proof Key for Code Exchange, RFC 7636
• JSON Web Token Bearer, RFC 7523

[jpengar]

Thanks @gregory1g for bringing this up!

Actually, CAMARA-AuthN-AuthZ-Concept.md is deprecated and will be removed. So maybe we can leave it as it is, since it will be removed eventually.

There is a disclaimer at the top of the document:

PLEASE NOTE: This document is part of Identity & Consent Management (ICM) v0.1.0. It is deprecated as the content is now included within CAMARA-API-access-and-user-consent.md. It will be deleted after the release of Commonalities v0.4.0 and Identity & Consent Management v0.2.0. The document is here preserved for now as Commonalities v0.3.0 and Identity & Consent Management v0.1.0 are referring to this document.

[gregory1g]

Ah, ok. I was scanning for keywords and did not notice the disclaimer. Probably it would be better to close this issue then.