On 04/20/2012 07:17 AM, Derek Atkins wrote:
<OAUTH Chair Hat> Note that this is a replay of the historical "MUST Implement" versus "MUST Use" arguments. Just because the server MUST IMPLEMENT JSON and XML does not mean that a Client must use both (or even that a client must implement both). It is perfectly reasonable and generally acceptable to have a server that provides data in multiple formats whereas the client only supports a subset and specifies which format(s) are acceptable. </OAUTH Char Hat> -derek

To Paul's point about how easy it is for a server to support both, I'd
retort that it's equally easy for a client to gin up JSON instead of XML.
Pity the poor programmer who can't get their head around that gigantic
change. On the other hand, having to support XML and JSON is an ongoing
maintenance headache server-side. Why do it? There isn't even the dubious
religious war like back in the day saying that binary encoded ASN.1 was
"better/faster/stacks and cleans dishes" than "human readable" XML.  XML
is just a clunky and past its prime text encoding at this point. Requiring it
smacks of nostalgia to me.

Mike
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to