Draft 20 of the OAuth 2.0 Bearer Token Specification has been published. I believe that this draft addresses all DISCUSS issues and comments raised for this specification in IESG review. No normative changes were made, other than specifying the use of Cache-Control options when using the URI Query Parameter method.
Changes made were: * Added caveat about using a reserved query parameter name being counter to URI namespace best practices. * Specified use of Cache-Control options when using the URI Query Parameter method. * Changed title to "The OAuth 2.0 Authorization Framework: Bearer Token Usage". * Referenced syntax definitions for the scope, error, error_description, and error_uri parameters in the OAuth 2.0 core spec. * Registered the invalid_request, invalid_token, and insufficient_scope error values in the OAuth Extensions Error Registry. * Acknowledged additional individuals. The draft is available at: * http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-20 A HTML-formatted version is available at: * http://self-issued.info/docs/draft-ietf-oauth-v2-bearer-20.html -- Mike
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
