On Mon, Jun 28, 2010 at 6:17 PM, Eran Hammer-Lahav <e...@hueniverse.com> wrote: > There are times when the client wants the server to fail if it doesn’t > support an extension.
Implementations that have such requirements also have the option of making a new protocol that shares a lot of code with OAuth. How much feature negotiation to allow in a protocol can be a tough question, but it's probably not a goal to allow any combination of mandatory extensions to be called "OAuth". -- Robert Sayre "I would have written a shorter letter, but I did not have the time." _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
