expires_at requires very good time synchronization for all machines involved.
expires_in, while not very exact, is more resilient. Marius On Tue, Dec 14, 2010 at 1:24 PM, Jitesh Bhate <jbh...@exacttarget.com> wrote: > I have same question, Thanks Paul for Raising this > > Regards > Jitesh > > -----Original Message----- > From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of > Paul Walker > Sent: Tuesday, December 14, 2010 4:14 PM > To: OAuth WG > Subject: [OAUTH-WG] expires_at vs expires_in > > Has there been discussion of using expires_at as an exact epoch time in > seconds as opposed to expires_in which is, at best, an approximation "from > the time the response was generated by the authorization server?" I > apologize if this has been discussed previously. > > ~pj > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
