Hello,
There is a little typo in Section 3.2.2:
Replace "The URL for for a document" with "The URL for a document".
Section 3. contains
"2. Server responds with a successful authentication.
In the case where authorization fails the server sends an error
result, then client MUST then send
Hi Phil,
Some comments on draft-richer-oauth-chain-00.txt:
Section 3.1.
- I dislike the name of the grant type. "redelegate" is the use case but not
the grant presented to the AS from RS1. I suggest to use "access_token"
according to other grant types like authorization_code, password, refresh_
+1
This is not too complicated for the client but improves security.
regards
Sebastian Ebling
> -Original Message-
> From: Stefanie Dronia [mailto:sdro...@gmx.de]
> Sent: Friday, September 03, 2010 9:24 AM
> To: oauth@ietf.org
> Subject: Re: [OAUTH-WG] issuing new refresh tokens
>
>
