In WRAP, there was a CAPTCHA in this profile, but I don't see it in the latest OAuth 2.0 draft. Since I've already implemented the CAPTCHA stuff from WRAP, I'll leave it there if the OAuth 2.0 is likely to pick it up, or rip it out now if OAuth 2.0 decided it wasn't necessary.
Does anyone from the WG have something they can say on the subject? -- Andrew Arnott "I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth