On 28/06/2010 06:37, Dick Hardt wrote:
> I vote for (3) unless a good (4) is suggested.
Ditto.
p
> On 2010-06-27, at 6:51 PM, Eran Hammer-Lahav wrote:
>
>> Over the past year many people expressed concerns about the use of the
>> ‘realm’ WWW-Authenticate header parameter. The parameter is defi
On 25/05/2010 01:52, Dick Hardt wrote:
>
> On 2010-05-24, at 4:55 PM, Marius Scurtescu wrote:
>
>> And to add to this, this example shows that encoding is hard, JSON
>> only solves decoding (in most cases, but not all).
>
> JSON solves encoding and decoding with the same library.
>
>>
>> For al
subtle bugs, which
> was one of the major problems with OAuth 1.0a that prompted us to
> work on OAuth 2.0 in the first place.
I take your point.
I'm slightly less convinced that this means that JSON is a single best
format, as much of the above could apply to XML
On 10/05/2010 15:56, Dick Hardt wrote:
>
> On 2010-05-10, at 1:11 AM, Pid wrote:
>
>> On 10/05/2010 07:57, Joseph Smarr wrote:
>>>> 1. Server Response Format
>>>
>>> I vote for B, though I could live with C. (A would make me sad though)
>>>
&
On 10/05/2010 07:57, Joseph Smarr wrote:
>> 1. Server Response Format
>
> I vote for B, though I could live with C. (A would make me sad though)
>
> We've had a healthy and reasonable debate about the trade-offs here, but
> I think the main counterargument for requiring JSON support is that it's
>
On 07/05/2010 16:28, Eran Hammer-Lahav wrote:
> This approach seems the most reasonable to me.
>
> Server MUST support all three formats.
> Client MUST support one but MAY support more formats.
>
> This puts a little extra work on the server but since this is on the
> serializing side, no parser
etc., but I still think
>> it's "betting on the right horse" and it's going to be a lot simpler
>> and less error-prone than either url-encoded values or XML.
>>
>> Eran-thanks for agreeing to write something up, and I agree we've got
>> strong
fer a clearer explanation as to the
benefits, so I can stop scratching my head about it all, please?
Respectfully,
Pid
> On Wed, May 5, 2010 at 11:38 AM, Torsten Lodderstedt
> mailto:tors...@lodderstedt.net>> wrote:
>
> Am 05.05.2010 20:01, schrieb Evan Gilbert:
>>
central.
Both of those we can fix.
> I just had a peek at Amber, looks fairly decent. I can help move this
> to Apache incubating if people are interested.
This also sounds promising.
p
> On Wed, Apr 21, 2010 at 4:49 AM, Simone Gianni <mailto:simo...@apache.org>> wrote:
>
&
mbining efforts,
Java programmer or not.
Cheers,
Pid
signature.asc
Description: OpenPGP digital signature
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
10 matches
Mail list logo
