> > In most instances outside of the Big Web Companies, OAuth is going to be > > the new kid being grafted onto an existing framework or application. As > > such, it really needs to play nice. > > Just a side note, with extensions also being simple names added to the > protocol chances of a collision with an existing framework are much > higher. Using MediaWiki as an example, if an extension proposes to use > 'title' as a parameter name it will be approved if it does not collied > with other OAuth 2 parameter names (core or extensions), but > frameworks will not be checked (that is impossible).
Right, and it's exactly for reasons like this that I had argued for namespacing all of the OAuth parameters. But was shot down by the WG. -- Justin _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
