Re: [OAUTH-WG] Last call review of draft-ietf-oauth-dyn-reg-10

2013-06-03 Thread Derek Atkins
Justin Richer writes:
> I think the concern here is that rotation of client credential is not something discussed before. Before we put it in the spec we should consider the reasons for doing it and what problems it solves.
>
> The client doesn't get to choose when its credentials

Re: [OAUTH-WG] Last call review of draft-ietf-oauth-dyn-reg-10

2013-05-15 Thread Richer, Justin P.
I think that's exactly the case, which is why it's such valuable feedback. It's obvious to me, as the editor, what all the parts do. What I was hoping to do with the explanations below was ferret out what key bit of information was missing from which part of the spec, so that we can make things

Re: [OAUTH-WG] Last call review of draft-ietf-oauth-dyn-reg-10

2013-05-15 Thread Phil Hunt
Justin, I will look over your comments. But looking at some, I was not looking for an explanation but rather I think the text should explain. For example the registration access token seemed very mysterious. It took a lot of effort to understand what was going on. Maybe I am seeing this as

Re: [OAUTH-WG] Last call review of draft-ietf-oauth-dyn-reg-10

2013-05-15 Thread Richer, Justin P.
Phil, many thanks for the extremely thorough review! It is very useful indeed. My comments and responses to each point are inline. On May 15, 2013, at 4:30 PM, Phil Hunt <phil.h...@oracle.com> wrote: It seems unfortunate that I have not gotten a chance to get into this level of detail m

[OAUTH-WG] Last call review of draft-ietf-oauth-dyn-reg-10

2013-05-15 Thread Phil Hunt
It seems unfortunate that I have not gotten a chance to get into this level of detail much earlier. But then, I guess that's what LC review is for! My apologies for not getting many of these concerns to the WG much earlier. Overall --- I think dynamic registration is a critical part of