Re: [OAUTH-WG] OAuth 2.1 Sections 4.1.2.1. Error Response (Authorization Endpoint) and 5.2. Error Response (Token Endpoint)

I see how this could be confusing, so I'll make a note to clarify it. However, the only two error codes that would be returned from the authorization endpoint would be HTTP 200 or 302, because this is always returned to the browser, not to the OAuth client. In the case of the authorization server

[OAUTH-WG] OAuth 2.1 Sections 4.1.2.1. Error Response (Authorization Endpoint) and 5.2. Error Response (Token Endpoint)

Section 5.2. Error Response for the Token Endpoint states: The authorization server responds with an HTTP 400 (Bad Request) status code (unless specified otherwise) and includes the following parameters with the response: "error": REQUIRED. A single ASCII [USASCII