Given the current proposal for signatures (no parsing of the request URI or body, or any encoding), I would like to proposal that the spec remains mute on the allowed parameter values.
While it is best to issue values that do not require any encoding (or decoding when receiving a token response), encoding and decoding form-encoded parameter is trivial and provided automatically by every platform. The only issues with encoding in 1.0a related to signatures and the production of the base string. This is no longer an issue. Proposal: close issue without further action. EHL _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
