On Fri, Jul 16, 2010 at 9:48 AM, Justin Richer <jric...@mitre.org> wrote: > The current proposal for a 1.0->2.0 upgrade flow is to use the assertion > profile and pass the OAuth token in there. Instead, one could create an > endpoint that speaks the 1.0 protocol fully, signatures and client > secrets and everything, but issues 2.0 tokens, JSON and all. It's a > hybridized endpoint also, but put together with the opposite pieces. In > both cases, you put a 1.0 token in one end and get a 2.0 token out the > other. But in this case, the request being made is a completely vanilla > OAuth 1.0 protected resource access request.
I already proposed something like that, if there is interest I can update the proposal to be in line with the latest spec: http://www.ietf.org/mail-archive/web/oauth/current/msg02300.html Marius _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
