On Thu, Jun 16, 2011 at 1:49 PM, Torsten Lodderstedt < tors...@lodderstedt.net> wrote:
> ** > If those people have reasonable means in place to protect secrets on > deployment channels and in the local installation - fine. I would be eager > to learn more about those means because I would be willed to utilize them as > well. > No, they don't have anything that really protects the secrets. They are just willing to accept the risk. In particular, they realize that having the client application present a secret doesn't increase the risk at all.
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth