I found one small error in 3.1 for the "code" parameter. It mistakenly says "token" and not "code":
http://r6.sharedcopy.com/6bnqq8v Anyway I hadn't seen any of the changes since 2.05 which I just implemented for the Ruby on Rails OAuth Plugin and I have to say the changes look great. I will have to rewrite a fair amount of code now, but the changes in general are excellent and simplify things a lot. My only comment is on the assertions part. I am sure this will be useful for Enterprise type of people but I have know what kind of support there is for these kind of things in say the Ruby, Python and PHP world. So my guess is that libraries probably wont be supporting them from the get go. It would be useful for us implementers if someone provided resources with information on how to implement this. P On Tue, Jun 29, 2010 at 3:11 AM, Eran Hammer-Lahav <e...@hueniverse.com> wrote: > For editorial feedback, I am going to try something new and use > SharedCopy.com (no install required). > > > > Try it out at: http://r6.sharedcopy.com/6bnqq8v > > > > If this doesn’t work, I’ll let people know and cancel it. > > > > EHL > > > > > > From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of > Eran Hammer-Lahav > Sent: Monday, June 28, 2010 11:56 PM > To: OAuth WG (oauth@ietf.org) > Subject: [OAUTH-WG] Draft -09 > > > > Draft -09 is now posted. Main changes include: > > > > o Fixed typos, editorial changes. Thanks to Dick for his useful feedback. > > o Added token expiration example. > > o Added scope parameter to end-user authorization endpoint response and > WWW-Authenticate header. > > o Added note about parameters with empty values (same as omitted). > > o Changed parameter values to use '-' instead of '_'. Parameter names > still use '_'. > > o Changed authorization endpoint client type to response type with values: > code, token, or both. > > o Complete cleanup of error codes. Added support for error description and > URI. > > o Add initial extensibility support. > > > > Draft -09 represents what I consider to be the first feature complete > proposal. While it still needs much work, it has notes for open issues and > missing parts. I plan to give people 2 weeks to review and provide extensive > feedback, and will post one more draft before the 7/12 cutoff date for the > meeting. > > > > My goal is to collect enough feedback to declare the next draft (-10) stable > for wider implementation. If you were waiting for a stable draft to study > and provide extensive feedback, this is the draft! When giving feedback > pretend this is your last chance to making a significant contribution or > changes to the core specification. > > > > Please submit feedback by 7/9. > > > > When submitting feedback please start a new thread for each item. Editorial > commentary can be collected in one post (and please send to the list, even > if it is minor, because I tend to get the same typo correction many times). > > > > Thanks, > > > > EHL > > > > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > -- http://agree2.com - Reach Agreement! http://stakeventures.com - My blog about startups and agile banking _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
