John Bradley and I collaborated to create the second OAuth 2.0 Mix-Up Mitigation draft. Changes were:
* Simplified by no longer specifying the signed JWT method for returning the mitigation information. * Simplified by no longer depending upon publication of a discovery metadata document. * Added the "state" token request parameter. * Added examples. * Added John Bradley as an editor. The specification is available at: * http://tools.ietf.org/html/draft-jones-oauth-mix-up-mitigation-01 An HTML-formatted version is also available at: * http://self-issued.info/docs/draft-jones-oauth-mix-up-mitigation-01.html -- Mike P.S. This note was also posted at http://self-issued.info/?p=1526 and as @selfissued<https://twitter.com/selfissued>.
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
