On 21 Mar 2010, at 1:43 PM, David Recordon wrote:
> The goal of the, "the authorization server advertises (such as via
> documentation) the URIs of the following three endpoints" wording was to
> allow for a discovery process that is defined separately from this spec. Is
> that unclear? Have other words to propose?
So perhaps this wants to be a thin spec that can be combined with the OAuth
core spec, if there's general interest in it. (In the UMA spec, we were
already in the position of making up some XRD to describe a couple of WRAP
endpoints, along with UMA endpoints and metadata. It would be nice to have a
canonical version of the former, at the least.)
>
> Eve, thanks for the detailed feedback! Future email coming with commits or
> comments for each one.
Hopefully sometime before the actual meeting tomorrow, I'll respond with spec
text ideas where you -- very reasonably :-) -- asked me to supply some.
Eve
>
> --David
>
> On Mar 21, 2010, at 12:53 PM, John Panzer wrote:
>
>> +1 to ensuring that dynamic introduction is possible. I see a lot of
>> discussions that end up saying that this or that can be spec'd in the
>> server docs and the client hard coded to the docs; this is fine for
>> some features but not for very general ones that everybody needs to
>> use.
Eve Maler
e...@xmlgrrl.com
http://www.xmlgrrl.com/blog
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
