Done. On 3/24/11 6:14 PM, Ruhrstadt-Agentur Com4 wrote: > Hi Craig, > > could you pls. remove me from the lists. > I coudn't find a unsubscribe-buton on the site. > > Thx. and regards, > > Gabi > > > *Gabi Banfield > * > Ruhrstadt-Agentur Com4 > > Düsseldorfer Str. 35 > > 44143 Dortmund > > *Mobil:* 0151.22685714 > > *Fax:* 0321.21324606 > > *Web:* agentur-com4.com <http://agentur-com4.com/> > > *Mail: * banfi...@agentur-com4.com <mailto:banfi...@agentur-com4.com> > > > Amtsgericht Dortmund HRA 16316 > > UStNr: 317/5702/0638 > > Inhaber Ruhrstadt-Agentur Com4 e.K.: Gabi Banfield > > Linkedin <http://www.linkedin.com/in/gabibanfield>Xing > <https://www.xing.com/profile/Gabi_Banfield>Wordpress > <http://ruhrstadtagentur.wordpress.com/>Blogger > <http://ruhrstadtagenturcom4.blogspot.com/>Blog RSS > <http://ruhrstadt-agenturcom4.posterous.com/rss.xml>Twitter > <http://twitter.com/RuhrstadtCom4>Twitter > <http://twitter.com/GoogleWaveGER>Twitter > <http://twitter.com/RuhrCompilation>del.icio.us > <http://www.delicious.com/AgenturCom4>Digg > <http://digg.com/agenturcom4>Facebook > <http://www.facebook.com/ruhrstadtagentur>YouTube > <http://www.youtube.com/user/RuhrstadtAgenturCom4>TypePad > <http://profile.typepad.com/ruhrstadtagenturcom4>Tumblr > <http://ruhrstadtagenturcom4.tumblr.com/>Stumbleupon > <http://www.stumbleupon.com/stumbler/AgenturCom4/>MySpace > <http://www.myspace.com/ruhrstadt-agenturcom4>Google > <http://www.google.com/profiles/agenturcom4>SlideShare > <http://www.slideshare.net/rss/user/RuhrstadtAgenturCom4>Bebo > <http://www.bebo.com/RuhrstadtAgentCom4> > > > -------- Original-Nachricht -------- > Betreff: Re: [OAUTH-WG] Implicit Grant Client Authentication > Datum: Thu, 24 Mar 2011 15:46:37 -0700 > Von: Eran Hammer-Lahav <e...@hueniverse.com> > An: Craig Heath <craig.he...@wacapps.net>, "oauth@ietf.org" > <oauth@ietf.org> > > > > This line was left over from an earlier draft. It's now removed. It may > reappear in the security considerations section. > > EHL > >> -----Original Message----- >> From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf >> Of Craig Heath >> Sent: Thursday, March 10, 2011 10:33 AM >> To: oauth@ietf.org >> Subject: [OAUTH-WG] Implicit Grant Client Authentication >> >> I'm sure this has been gone over before, so apologies for that, but I haven't >> found a clear answer (is there a better way than just Google to search the >> mailing list archive, by the way?) >> >> I've been puzzling over this text in 4.2: "... the authentication of the >> client is >> based on the user-agent's same-origin policy." >> >> I get that the client can't be provisioned with secret credentials and that's >> why we're using this flow, but I'm puzzled by the implication that it might >> still >> be possible to authenticate the client. Isn't the point of this flow that >> you >> can't? >> >> Specifically, how would you verify that the request is coming from a user >> agent that even has a same-origin policy? >> >> Thanks! >> >> - Craig. >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
