I will have a go writing an I-D defining an OAuth2 WWW-Auth response header...
though it will not be for at least a fortnight :-(
--
James Manger
From: Eran Hammer-Lahav [mailto:e...@hueniverse.com]
Sent: Saturday, 9 April 2011 1:56 PM
To: Manger, James H; OAuth WG
Subject: RE: OAuth2 schem
> -Original Message-
> From: Peter Wolanin [mailto:peter.wola...@acquia.com]
> Sent: Sunday, February 27, 2011 6:59 AM
> I was a little unclear in the spec whether the client can choose not to
> include
> the body hash in the signature. I'd hope that the spec ends up clearly
> requirin
> -Original Message-
> From: Skylar Woodward [mailto:sky...@kiva.org]
> Sent: Monday, February 07, 2011 9:25 AM
> To: Eran Hammer-Lahav; OAuth WG
> Subject: Re: [OAUTH-WG] draft-hammer-oauth-v2-mac-token-02
>
> On body-hash...
>
> Having completed a trial implementation, it seems redund
Will take a look.
Phil
Sent from my phone.
On 2011-04-11, at 8:19, Justin Richer wrote:
> While this isn't the original use case I had in mind, this could be
> covered by something in the OAuth2 Instance extension:
>
> http://tools.ietf.org/html/draft-richer-oauth-instance-00
>
> -- Justin
While this isn't the original use case I had in mind, this could be
covered by something in the OAuth2 Instance extension:
http://tools.ietf.org/html/draft-richer-oauth-instance-00
-- Justin
On Fri, 2011-04-08 at 12:22 -0400, Phil Hunt wrote:
> Why not have the client app generate a random text
