3.4. Client Credentials When requesting access from the authorization server, the client identifies itself using its authorization-server-issued client credentials.
The Client Credentials does not necessarily be issued by the authorization server, but may be issued by the server that authorization server trusts. Thus, I would like to propose the text change as: 3.4. Client Credentials When requesting access from the authorization server, the client identifies itself using its authorization-server-verifiable client credentials. -- Nat Sakimura (=nat) http://www.sakimura.org/en/ http://twitter.com/_nat_en _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth