On Tue, Jul 12, 2011 at 1:35 PM, Eran Hammer-Lahav <e...@hueniverse.com> wrote: > I will withdraw my objections to the change (parsing the response_type > string) if enough support is present. If you care about it, please speak out > now.
The complexity of composite response types is affecting mostly authorization servers. Hiding this behind the requirement to explicitly register all combinations is not helping much IMO. Most auth server implementations will end up parsing the list and looking at the individual elements anyhow. Marius _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth