Received via github:
> -----Original Message-----
> From: alexbilbie [mailto:reply+i-1402979-
> [email protected]]
> Sent: Sunday, August 14, 2011 5:38 AM
> To: Eran Hammer-Lahav
> Subject: [draft-ietf-oauth] Removed a repeated sentence in 3.1.2.2 (#1)
>
> Hello,
>
> I changed the first paragraph of section 3.1.2.2 from:
>
> The authorization server MUST require public clients to register
> their redirection URI, MUST require all clients to register their
> redirection URI prior to utilizing the implicit grant type, and
> SHOULD require all clients to register their redirection URI prior to
> utilizing the authorization code grant type.
>
> to:
>
> The authorization server MUST require all clients to register their
> redirection URI prior to utilizing the implicit grant type, and
> SHOULD require all clients to register their redirection URI prior to
> utilizing the authorization code grant type.
>
> I think the phrase "MUST require public clients to register their redirection
> URI" was unnecessary when followed by "MUST require all clients to register
> their redirection URI"
Changed to:
The authorization server SHOULD require all clients to register
their redirection URI
prior to using the authorization endpoint, and MUST require the
following clients to
register their redirection URI:
o Public clients.
o Confidential clients utilizing the implicit grant type.
EHL
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
