Yes more is needed. It was theoretical at that point. Now we have implementation experience.
> On Jan 20, 2016, at 3:38 PM, Brian Campbell <bcampb...@pingidentity.com> > wrote: > > There is > https://tools.ietf.org/html/draft-wdenniss-oauth-native-apps-00#appendix-A > <https://tools.ietf.org/html/draft-wdenniss-oauth-native-apps-00#appendix-A> > which has some mention of SFSafariViewController and Chrome Custom Tabs. > > Maybe more is needed? > > On Wed, Jan 20, 2016 at 10:45 AM, John Bradley <ve7...@ve7jtb.com > <mailto:ve7...@ve7jtb.com>> wrote: > Yes, in July we recommended using the system browser rather than WebViews. > > About that time Apple announced Safari view controller and Google Chrome > custom tabs. The code in the OS is now stable and we have done a fair > amount of testing. > > The OIDF will shortly be publishing reference libraries for iOS and Android > to how how to best use View Controllers, and PKCE in native apps on those > platforms. > > We do need to update this doc to reflect what we have learned in the last 6 > months. > > One problem we do still have is not having someone with Win 10 mobile > experience to help document the best practices for that platform. > I don’t understand that platform well enough yet to include anything. > > John B. > >> On Jan 20, 2016, at 12:40 PM, Aaron Parecki <aa...@parecki.com >> <mailto:aa...@parecki.com>> wrote: >> >> The section on embedded web views doesn't mention the new iOS 9 >> SFSafariViewController which allows apps to display a system browser within >> the application. The new API doesn't give the calling application access to >> anything inside the browser, so it is acceptable for using with OAuth flows. >> I think it's important to mention this new capability for apps to leverage >> since it leads to a better user experience. >> >> I'm sure that can be addressed in the coming months if this document is just >> the starting point. >> >> I definitely agree that a document about native apps is necessary since the >> core leaves a lot of guessing room for an implementation. >> >> For reference, >> https://developer.apple.com/library/prerelease/ios/releasenotes/General/WhatsNewIniOS/Articles/iOS9.html#//apple_ref/doc/uid/TP40016198-DontLinkElementID_26 >> >> <https://developer.apple.com/library/prerelease/ios/releasenotes/General/WhatsNewIniOS/Articles/iOS9.html#//apple_ref/doc/uid/TP40016198-DontLinkElementID_26> >> >> And see the attached screenshot for an example of what it looks like. >> >> <embedded-oauth-view.png> >> >> ---- >> Aaron Parecki >> aaronparecki.com <http://aaronparecki.com/> >> @aaronpk <http://twitter.com/aaronpk> >> >> >> On Tue, Jan 19, 2016 at 3:46 AM, Hannes Tschofenig >> <hannes.tschofe...@gmx.net <mailto:hannes.tschofe...@gmx.net>> wrote: >> Hi all, >> >> this is the call for adoption of OAuth 2.0 for Native Apps, see >> http://datatracker.ietf.org/doc/draft-wdenniss-oauth-native-apps/ >> <http://datatracker.ietf.org/doc/draft-wdenniss-oauth-native-apps/> >> >> Please let us know by Feb 2nd whether you accept / object to the >> adoption of this document as a starting point for work in the OAuth >> working group. >> >> Note: If you already stated your opinion at the IETF meeting in Yokohama >> then you don't need to re-state your opinion, if you want. >> >> The feedback at the Yokohama IETF meeting was the following: 16 persons >> for doing the work / 0 persons against / 2 persons need more info >> >> Ciao >> Hannes & Derek >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org <mailto:OAuth@ietf.org> >> https://www.ietf.org/mailman/listinfo/oauth >> <https://www.ietf.org/mailman/listinfo/oauth> >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org <mailto:OAuth@ietf.org> >> https://www.ietf.org/mailman/listinfo/oauth >> <https://www.ietf.org/mailman/listinfo/oauth> > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org <mailto:OAuth@ietf.org> > https://www.ietf.org/mailman/listinfo/oauth > <https://www.ietf.org/mailman/listinfo/oauth> > >
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
