New versions of the OAuth Core and Bearer specs have been published that are
intended to address all outstanding issues. (Although see Dick Hardt’s
forwarded note from Charles Honton, which may result in an additional issue.)
The specifications are available at:
·http://tools.ietf.org/
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol Working Group of
the IETF.
Title : The OAuth 2.0 Authorization Framework: Bearer Token
Usage
Author(s) : Michael B. Jones
Charles
Thanks for the suggestion. I just did publish a new draft that included a
number of items that had been discussed and I would like to get some feedback
on your suggestion before incorporating it (or not).
Does anyone have feedback on the change below? (+/-)
-- Dick
On Jul 12, 2012, at
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol Working Group of
the IETF.
Title : The OAuth 2.0 Authorization Framework
Author(s) : Dick Hardt
D
Much appreciated Julian!
On Jul 12, 2012, at 1:31 AM, Julian Reschke wrote:
> On 2012-07-09 17:01, Julian Reschke wrote:
>> On 2012-07-09 16:48, Mike Jones wrote:
>>> HTML5 is not cited because it's a working draft - not an approved
>>> standard. In what way is "the definition of the media type
> III) Hybrid Scenario (the OAuth Holder-of-the-Key Use case)
>
> client_hello,
> cert-receive=(X.509, Raw) // (1)
> cert-send=(Raw) -> // (2)
>
> <- server_hello,
> cert-info=(X.509),// (3)
> certific
Thanks, Julian. Dick and I will integrate this into the draft.
-- Mike
-Original Message-
From: Julian Reschke [mailto:julian.resc...@gmx.de]
Sent: Thursday, July 12, 2012 1:31 AM
To: Mike Jones
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] Preliminary OAuth
On 2012-07-09 17:01, Julian Reschke wrote:
On 2012-07-09 16:48, Mike Jones wrote:
HTML5 is not cited because it's a working draft - not an approved
standard. In what way is "the definition of the media type in HTML4
is known to be insufficient"? People have been successfully
implementing form-
Hi Erk, Hi Robert, Hi Nikos,
thanks for your quick response. Here is an attempt to summarize your input.
I use three types of indications in the message exchange below for improved
clarity, namely:
(a) 'cert-receive=(value-1, value-2, ..., value-n)' with the meaning: "I accept
ce
