Yeah, I hadn't really been thinking of going so far as making it RECOMMENDED either but more of just providing an easy option for those that would choose to use it.
On Mon, Apr 27, 2020 at 10:58 AM Justin Richer <jric...@mit.edu> wrote: > I agree that any URI could be used but that it MUST be understood by the > AS to be local to the AS (and not something that can be impersonated by an > attacker). I wouldn’t even go so far as RECOMMENDED, but it’s certainly an > option. > > — Justin > > On Apr 27, 2020, at 4:41 AM, Filip Skokan <panva...@gmail.com> wrote: > > I believe implementers should be free to devise their own URIs and not be > locked down to one by the spec, at the same time, > and RFC6755 subnamespace would be good for guidance. > > So, I would suggest it be RECOMMENDED to use e.g. > `urn:ietf:params:oauth:request_uri:<random>` (Brian's proposal) but also > that any URN or URL will do if the circumstances call for it. > > Best, > *Filip* > > > On Sun, 26 Apr 2020 at 17:20, Torsten Lodderstedt <torsten= > 40lodderstedt....@dmarc.ietf.org> wrote: > >> Hi all, >> >> another topic from last week’s virtual meeting. >> >> Shall there be guidance on the request URI structure? >> >> Please state your opinion. >> >> thanks in advance, >> Torsten. >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > -- _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
