That's a confusing answer Eve. Is it in the spec or pointed to from the spec?
I think there is consensus that there are enough use cases that signatures need to be spec'ed -- the question is if the signature spec is in core or a separate spec. For people that don't need signatures, having them separate keeps the core spec simpler. Having a separate spec enables other groups to reuse the signature mechanism without confusing their readers with the rest of the OAuth spec. On 2010-09-24, at 1:37 PM, Eve Maler wrote: > +1 for signature support in the core spec (which may look like normative > pointers out to a separate spec module if it turns out there's wider usage > for that module beyond OAuth). > > Eve > > On 23 Sep 2010, at 6:43 PM, Eran Hammer-Lahav wrote: > >> Since much of this recent debate was done off list, I'd like to ask people >> to simply express their support or objection to including a basic signature >> feature in the core spec, in line with the 1.0a signature approach. >> >> This is not a vote, just taking the temperature of the group. >> >> EHL >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth > > > Eve Maler http://www.xmlgrrl.com/blog > +1 425 345 6756 http://www.twitter.com/xmlgrrl > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
