> multiple response formats Quite a few people (most?) have (often strongly) favoured a single response format, and most of them prefer JSON. I agree: JSON for responses, application/x-www-form-urlencoded for requests.
> Proposed changes to section 3.5.2 should be applied to > 3.5.3, 3.6.1., 3.7.1., 3.7.2, and 4., too. I hope we can reduce the duplication by describing the format once only. > parameters are encoded straight-forward as flat JSON object It would be better to use the basic JSON types, not just strings for everything. For instance, "expires_in": 3600 Instead of "expires_in": "3600" Forcing all values to be strings may simplify mapping between multiple formats, but it hinders idiomatic use of the formats (which is important). This is another reason to pick a single format. > application/json There are lots of application/XXXX+xml media types that are better to use than the generic application/xml. <http://tools.ietf.org/html/rfc3023#appendix-A> Is the same true for JSON? I think an application/credential media type would be more helpful (perhaps with a "+json" suffix if that is common practise). -- James Manger _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
