A few questions we should answer before moving forward. Considering *your* use cases and reasons for being here:
1. Why are you here? What are you trying to solve that is not already addressed by existing specifications (OAuth 1.0a, WRAP, etc)? 2. Should the WG start by taking WRAP or OAuth 1.0a as its starting point? Something else? 3. If we start from draft-hammer-oauth, what needs to change to turn it into OAuth 2.0? 4. If we start from draft-hardt-oauth, what needs to change to turn it into OAuth 2.0? 5. Do you think the approach of working first on 'how to use a token' and then on 'how to get a token' is right? 6. Should we go back to working on a single specification? 7. Do you think the protocol should include a signature-based authentication scheme? EHL _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
