Re: [OAUTH-WG] Fw: Breaking change in OAuth 2.0 rev. 23

2012-03-17 Thread John Bradley
OK with me. John B Sent from my iPad On 2012-03-17, at 5:43 PM, Eran Hammer wrote: > Mike, Nat, > > Does the new text work for you? > > EH > >> -Original Message- >> From: breno.demedei...@gmail.com >> [mailto:breno.demedei...@gmail.com] On Behalf Of Breno >> Sent: Saturday, March

Re: [OAUTH-WG] Fw: Breaking change in OAuth 2.0 rev. 23

2012-03-17 Thread Nat Sakimura
Thanks Eran. This is much better. =nat On Sun, Mar 18, 2012 at 6:43 AM, Eran Hammer wrote: > Mike, Nat, > > Does the new text work for you? > > EH > > > -Original Message- > > From: breno.demedei...@gmail.com > > [mailto:breno.demedei...@gmail.com] On Behalf Of Breno > > Sent: Saturday

Re: [OAUTH-WG] Fw: Breaking change in OAuth 2.0 rev. 23

2012-03-17 Thread Mike Jones
Much better. Thanks for working with Breno on the new wording. -- Mike -Original Message- From: Eran Hammer [mailto:e...@hueniverse.com] Sent: Saturday, March 17, 2012 2:43 PM To: Mike Jones; 'Nat Sakimura (sakim...@gmail.com)' Cc: OAuth WG Subject: RE: [

Re: [OAUTH-WG] Last Call: (The OAuth 2.0 Authorization Protocol: Bearer Tokens) to Proposed Standard

2012-03-17 Thread Eran Hammer
I am treating this issue as closed, unless someone wants to proposed language changes based on John's analysis below. EH > -Original Message- > From: John Bradley [mailto:ve7...@ve7jtb.com] > Sent: Thursday, March 08, 2012 8:13 AM > To: Eran Hammer > Cc: Julian Reschke; i...@ietf.org; Th

Re: [OAUTH-WG] Fw: Breaking change in OAuth 2.0 rev. 23

2012-03-17 Thread Eran Hammer
Mike, Nat, Does the new text work for you? EH > -Original Message- > From: breno.demedei...@gmail.com > [mailto:breno.demedei...@gmail.com] On Behalf Of Breno > Sent: Saturday, March 17, 2012 12:10 PM > To: Eran Hammer > Cc: OAuth WG > Subject: Re: [OAUTH-WG] Fw: Breaking change in OAuth

Re: [OAUTH-WG] Fw: Breaking change in OAuth 2.0 rev. 23

2012-03-17 Thread Breno
That is much clearer. Thank you. On Sat, Mar 17, 2012 at 9:17 AM, Eran Hammer wrote: > How about we phrase it the other way: > > A clients may be implemented as a distributed set of components, each with a > different > client type and security context (e.g. a distributed client with both a > c

Re: [OAUTH-WG] Fw: Breaking change in OAuth 2.0 rev. 23

2012-03-17 Thread Eran Hammer
How about we phrase it the other way: A clients may be implemented as a distributed set of components, each with a different client type and security context (e.g. a distributed client with both a confidential server-based component and a public browser-based component). If the authorization s

Re: [OAUTH-WG] Fw: Breaking change in OAuth 2.0 rev. 23

2012-03-17 Thread Breno
To summarize, I am weary of registration normative language that appears to disallow common practice implemented by servers to securely support multi-component applications. If these common practices will be non-compliant (or at least it appears to be so on first reading by many different people wi