On Sat, Jul 10, 2010 at 2:22 PM, Dick Hardt <dick.ha...@gmail.com> wrote:
> Obviously anything besides what you need for your use case adds complexity. > The question is: are you willing to accept some complexity so that it works > for use cases than yours? If not, then perhaps you should just define your > own signature mechanism. > I think that you misunderstood what I was saying. The use case that Paul described is more limited than the signature use cases for OAuth 2.0. An envelope is not required for the signature use cases for OAuth 2.0. As you pointed out later, it could be required for different use cases of encrypting and signing requests. --David
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth