On Tue, Apr 6, 2010 at 12:13 AM, Eran Hammer-Lahav <e...@hueniverse.com> wrote: > Yep. I'm trying to remove the need for a more complex discovery.
Not sure we need to do anything, discovery is pretty simple already. We've been talking a bit about how to enable OAuth for IMAP: http://tech.groups.yahoo.com/group/sasl_oauth/. Here's the rough flow: 1) The hostname of the IMAP server to talk to magically appears. Maybe the user enters it. 2) Client queries the IMAP server. 3) IMAP server points at the OAuth WRAP endpoints. 4) Client opens a browser to get user approval using the rich client flow. 5) Client saves the refresh token instead of the user's password. Ideally the same SASL mechanism would work for XMPP. Cheers, Brian _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
