fine with me, you can obtain the source from
https://github.com/tlodderstedt/oauth2/raw/master/draft-lodderstedt-oauth-securityconsiderations.xml
Am 07.04.2011 16:10, schrieb Eran Hammer-Lahav:
I think it would be best to publish -16 immediately with this text, mark it as
pending consensus, and continue with a single document. This will make it
easier for new readers as well as for everyone else.
I will push it out in a couple of hours.
EHL
-----Original Message-----
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
Of Torsten Lodderstedt
Sent: Thursday, April 07, 2011 12:27 AM
To: OAuth WG
Subject: [OAUTH-WG] Security Considerations Section Proposal -02
Hi all,
I just posted a new revision of the proposed text for the core draft's security
considerations section (http://tools.ietf.org/html/draft-lodderstedt-oauth-
securityconsiderations-02).
The text makes some strong statements wrt client secrets/authentication,
HTTPS, refresh tokens and other topics. This is to facilitate a clear and
understandable specification while also considering (and supporting) _all_
relevant use cases (e.g. native apps).
Since this is the last major building block of the draft, we would like to
include
this text as soon as possible.
So please give your feedback soon!
thanks in advance,
Torsten.
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
