Oh hey, so you did. And I even agreed to it back then! Yeah, let's update it. Between this and the other proposed upgrade flow, we should cover most ways people would want to trade one flavor of token for another.
-- Justin On Fri, 2010-07-16 at 12:56 -0400, Marius Scurtescu wrote: > On Fri, Jul 16, 2010 at 9:48 AM, Justin Richer <jric...@mitre.org> wrote: > > The current proposal for a 1.0->2.0 upgrade flow is to use the assertion > > profile and pass the OAuth token in there. Instead, one could create an > > endpoint that speaks the 1.0 protocol fully, signatures and client > > secrets and everything, but issues 2.0 tokens, JSON and all. It's a > > hybridized endpoint also, but put together with the opposite pieces. In > > both cases, you put a 1.0 token in one end and get a 2.0 token out the > > other. But in this case, the request being made is a completely vanilla > > OAuth 1.0 protected resource access request. > > I already proposed something like that, if there is interest I can > update the proposal to be in line with the latest spec: > http://www.ietf.org/mail-archive/web/oauth/current/msg02300.html > > Marius _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
