It's something people get wrong and we should make a way to get it
right.
*From:* Eran Hammer-Lahav [mailto:e...@hueniverse.com]
*Sent:* Tuesday, July 13, 2010 10:08 AM
*To:* William Mills
*Cc:* David Recordon; Colin Snover; OAuth
*From:* oauth-boun...@ietf.org <mailto:oauth-boun...@ietf.org>
[mailto:oauth-boun...@ietf.org
<mailto:oauth-boun...@ietf.org>] *On Behalf Of *Colin Snover
*Sent:* Tuesday, July 13, 2010 9:23 AM
*To:* Eran Hammer-Lahav
*Cc:* OAut
ied.
EHL
-- Forwarded Message
*From: *An anonymous reader
*Date: *Sat, 10 Jul 2010 11:01:11 -0700
*To: *Eran Hammer-Lahav
*Subject: *Re: draft-ietf-oauth-v2-09 - The OAuth 2.0 Protocol
*"Colin Snover"* left these comments on your copy:
*draft-ietf-oauth-v
; maybe OIDC is the solution but it’s only half a solution if it’s
optional/supplementary).
Thanks,
-- original message follows --
On 25/06/2010 02:30, Colin Snover wrote:
On 24/06/2010 23:30, Luke Shepard wrote:
You're right; this can be an interesting issue. It's very tied up in
ide
to think of one.
Regards,
--
Colin Snover
http://zetafleet.com
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
otherwise
we are going to have huge headaches and may end up needing to resort to
cross-site request forgery to force user-agents to log out of provider
sites. If I have been unclear at all, please let me know and I will be
happy to clarify.
Regards,
--
Colin Snover
http://zetafleet.com
