Am 24.07.2019 um 22:13 schrieb Aaron Parecki <aa...@parecki.com>:
>> 2) Regarding architectures: I think this BCP should focus on recommendations >> for securely implementing OAuth in the different potential architecture. I >> don’t think we should get into the business of recommending and assessing >> other solutions (e.g. section 6.1.). > > This section was originally added from a discussion on the list, I believe it > was actually Torsten's suggestion: > https://mailarchive.ietf.org/arch/msg/oauth/JoEjvUrwE3pBPJI1olkEIR7ov9Q The > section was later modified and expanded based on feedback from the meeting in > Prague. My latest feedback is inline with the post you refer to. There I suggested to also consider an architecture where the OAuth logic resides in a backend. I never suggested to add anything outside of an OAuth-based architecture.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
