On Sat, Mar 11, 2017 at 1:54 PM, William Denniss <wdenn...@google.com> wrote:
> > On Sat, Mar 11, 2017 at 12:40 PM, Justin Richer <jric...@mit.edu> wrote: > >> >> >> Secondly, I had a question about the “response_type” parameter to the >>> device endpoint. This parameter is required and it has a single, required >>> value, with no registry or other possibility of extension. What’s the >>> point? If it’s for “parallelism”, I’ll note that this is *not* the >>> authorization endpoint (as the user is not present) and such constraints >>> need not apply here. >>> >> >> Good points here. At a guess, it bled in from the OAuth spec. If it's not >> needed, we should remove it. >> >> >> I’d vote for removal, I don’t see the point. >> > +1 on removal of the “response_type” parameter from the Device Authorization Request
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
