Ya. to be continued.
Just their website got protection by cookies.you know sometime it's not
easy to follow very high level protection.ya I m agree good to prevent
phishing and all fraud activities but sometimes it's make consumers
difficult.
___
OAuth ma
I feel like the source of the confusion might be, *what is the purpose of
the statement in the description of this property. e.g. *Why say anything
at all?
If the description was:
OAuth 2.0 client identifier string. An
authorization server MAY issue the same client identifier to
multi
The whole thing is pointless as the client owner (as opposed to the subject
for which client status is requested) can just define the instances to be
the same. There can be no way to attest to the validity of such an
assertion.
thx ..Tom (mobile)
On Fri, Jan 26, 2024, 10:42 AM Justin Richer wrot
Tq you for assistance and remind me.
On Sat, 27 Jan 2024, 04:01 , wrote:
> Send OAuth mailing list submissions to
> oauth@ietf.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://www.ietf.org/mailman/listinfo/oauth
> or, via email, send a message with subj
I believe this correction is valid, though I think that the changing of a
normative requirement is beyond an erratum.
Ultimately, though, this comes down to the definition of what "a client" is,
which is pretty fuzzy in OAuth. The AS needs to be able to issue the same
identifier to what it fee
