Can you explain why you think: > > But definitely cannot be both (as in the present definition).
>From a theoretical perspective, of course it can be. But perhaps there is a concrete reason you think otherwise, I think it would be prudent to share that context explicitly with an explanation here. That way we aren't opening old conversations in the middle of the meeting, and also it lets us be prepared to understand the perspective without having to dive in on the spot. On Wed, Jul 27, 2022 at 2:42 PM Jaimandeep Singh <jaimandeep.phdcs21= 40nfsu.ac...@dmarc.ietf.org> wrote: > Dear Aaron, > > 1. Yesterday you brought up an important issue of choosing "redirect_uri" > to be REQUIRED vs OPTIONAL parameter at the authorization code endpoint. > The esteemed members had their considered opinion that the definition > should remain as it is. > > 2. However, I am of the opinion that an important parameter like > "redirect_uri" needs to be more clearly defined. It can either be OPTIONAL > or REQUIRED, but definitely cannot be both (as in the present > definition). Maybe Aaron can bring up the topic again for discussion in the > side meeting for further deliberations. > > Regards > Jaimandeep Singh > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
