Would you elaborate on your reasons here? Do you think we have enumerated all the possibilities?
On 2010-06-25, at 10:59 AM, Eran Hammer-Lahav wrote: > I would rather limit the ability to extend the two endpoints beyond their > current architecture, and instead, allow others to specify new endpoints > (e.g. a device endpoint for getting an authorization code without using > browser redirection) that work in addition to the token endpoint (using an > existing grant type or assertion). _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth