On 18 February 2016 at 14:40, Hannes Tschofenig <hannes.tschofe...@gmx.net>
wrote:

> Hi all,
>
> This is a Last Call for comments on the  OAuth 2.0 Discovery specification:
> https://tools.ietf.org/html/draft-ietf-oauth-discovery-01
>
> Since this document was only adopted recently we are running this last
> call for **3 weeks**.
>
> Please have your comments in no later than March 10th.
>

Just finished reviewing this.  Since it's 1 day past the comments dealine,
I'll just leave some high level thoughts, based on how I may implement some
of this.  No need to respond.

1. I'd like to see a path supporting the increasingly popular w3c REC, JSON
LD.

2. General feedback I've had since the inception of webfinger was that it's
had decreasing adoption.  Perhaps an idea to remove reference.  Usage stats
would be interesting if public.

3. I feel the mandatory-ness of TLS/SSL slightly over the top.  I dont
think we are at HTTPS everywhere yet, and it's still a pain for the long
tail of developers.

Ill be interested to see this work in action.

>
>
> Ciao
> Hannes & Derek
>
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>
>
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to