I sent this reply to Brian's original email earlier, but forgot to click
reply-all.
I disagree with hardcoding the approval URL into the device. To enable short
URLs, there's nothing in the spec preventing the Auth Server from returning a
different approval URL for each client id. E.g.,http://w
On Thu, Apr 22, 2010 at 6:11 PM, Manger, James H
wrote:
> We mustn't drop advertisements (details in 401 responses).
> We mustn't drop the goal of a standard for interoperability.
I share the goals, I just don't think that a specification is the way
to get there. I think working examples in the
This looks about right.
EHL
> -Original Message-
> From: Torsten Lodderstedt [mailto:tors...@lodderstedt.net]
> Sent: Friday, April 23, 2010 3:31 PM
> To: Manger, James H
> Cc: Brian Eaton; Eran Hammer-Lahav; OAuth WG
> Subject: Re: [OAUTH-WG] 'Scope' parameter proposal
>
>
> > I suspec
I suspect the key concept is realising that there can be many authz URIs — and
that that is ok. OAuth libraries should support this concept — perhaps by not
expecting a single authz URI to be provided in a config file.
I fully agree with your statement. Authorization servers may use
dif
On 4/23/10 3:30 PM, Blaine Cook wrote:
> On 23 April 2010 17:01, Peter Saint-Andre wrote:
>> On 4/23/10 8:05 AM, Prateek Mishra wrote:
>>> Do you mean April 29 (Thu) and April 30th (Fri)?
>>
>> Clearly yes.
>
> lol, neither. I think I managed to look at a 2009 calendar somehow,
> and travel has l
On 23 April 2010 17:01, Peter Saint-Andre wrote:
> On 4/23/10 8:05 AM, Prateek Mishra wrote:
>> Do you mean April 29 (Thu) and April 30th (Fri)?
>
> Clearly yes.
lol, neither. I think I managed to look at a 2009 calendar somehow,
and travel has left me completely unaware as to the current date.
+1
Eran has done a really great job editing this document!
On Fri, Apr 23, 2010 at 4:20 AM, Blaine Cook wrote:
> This is a call for consensus on accepting Eran's latest OAuth draft,
> draft-hammer-oauth2 [1] as a working group item. Assuming no
> objections by end-of-day Tuesday, April 22nd, t
On Fri, Apr 16, 2010 at 8:09 PM, Eran Hammer-Lahav wrote:
>
>
>
> On 4/16/10 6:00 PM, "Evan Gilbert" wrote:
>
> > - Add text to the spec to give overview of options for native app
> developers
>
> I need a proposal.
>
Here's a proposal for text to cover the options for native applications
*3.8
On Fri, Apr 23, 2010 at 10:03 AM, Luke Shepard wrote:
> I agree that this is a risk, but we are doing everything we can to mitigate
> it. The version of OAuth we
> pushed on Wednesday is up to date as of Eran's Monday draft - I think that
> should be taken as a
> sign of honest good faith to sta
just as a counter - twitter is taking a more paced stance. our @anywhere is
built upon the oauth2 draft from a few weeks ago, and we're going to be
spending a portion of next week catching it up to the current draft. its my
personal goal to open the endpoint up so that developers can start to use
Hey Justin, al-
I'll send a more complete email this afternoon with the details of the Facebook
OAuth deployment. For now I just wanted to respond to your questions:
> Is Facebook committed to tracking the spec in its development
Yes. Our main focus right now is stability and bug fixing for wh
On 4/23/10 8:05 AM, Prateek Mishra wrote:
> Do you mean April 29 (Thu) and April 30th (Fri)?
Clearly yes.
>> This is a call for consensus on accepting Eran's latest OAuth draft,
>> draft-hammer-oauth2 [1] as a working group item. Assuming no
>> objections by end-of-day Tuesday, April 22nd, this d
Hi all guys, Paul very nice to meet you :)
at the era I started writing the first version of the Amber proposal,
my Cocoon3 mates Reinhard Poetz and Steven Dolg were interested, I'll
ping them to get them involved.
Quick question: can anyone tell me please where I can share the first
draft of the p
I was surprised that this announcement didn't garner more commentary
from the list here, as this decision worries me a little bit. There are
a lot of components of the OAuth protocol that aren't stabilized into a
real standard yet, and I'm worried that the Facebook implementation of
"OAuth 2.0" wil
not sure if i'm late (as its past the 22nd) - but full support.
On Fri, Apr 23, 2010 at 4:20 AM, Blaine Cook wrote:
> This is a call for consensus on accepting Eran's latest OAuth draft,
> draft-hammer-oauth2 [1] as a working group item. Assuming no
> objections by end-of-day Tuesday, April 22nd
Full support.
Igor
Blaine Cook wrote:
This is a call for consensus on accepting Eran's latest OAuth draft,
draft-hammer-oauth2 [1] as a working group item. Assuming no
objections by end-of-day Tuesday, April 22nd, this draft will be
promoted to an active working group document on Wednesday, Apr
- Authorization server doesn’t return approval URL - device hard-codes
this instead.
I expect that this will point to a manufacturer specific page, and
that the manufacturer specific page will automatically redirect to a
page on the authorization server.
Why not returning client-id-spe
Regarding the second comment I made below: I realized last night that Sections
3.7.1 and 3.7.2 get this more correct, by saying that an autonomous client
represents a "separate resource owner". So Section 2.2 definitely needs a
slight change, from:
"...and autonomous flows where the client is a
Do you mean April 29 (Thu) and April 30th (Fri)?
This is a call for consensus on accepting Eran's latest OAuth draft,
draft-hammer-oauth2 [1] as a working group item. Assuming no
objections by end-of-day Tuesday, April 22nd, this draft will be
promoted to an active working group document on Wedne
Hi Paul,
yes, we have 3 Apache people (me, you, Simone Tripodi), one Apache
contributor with filed CLA (Pid) that want to contribute his code base, and
received some interest from other people, so I think we could start
preparing an Incubator proposal. You can have a look at Simone Tripodi's
propos
Blaine... Might you have meant April 27th?
On 4/23/10 1:20 PM, Blaine Cook wrote:
This is a call for consensus on accepting Eran's latest OAuth draft,
draft-hammer-oauth2 [1] as a working group item. Assuming no
objections by end-of-day Tuesday, April 22nd, this draft will be
promoted to an act
This is a call for consensus on accepting Eran's latest OAuth draft,
draft-hammer-oauth2 [1] as a working group item. Assuming no
objections by end-of-day Tuesday, April 22nd, this draft will be
promoted to an active working group document on Wednesday, April 23rd.
b.
[1] http://datatracker.ietf.
22 matches
Mail list logo
