On Aug 9, 2012, at 9:52 AM, William Mills wrote: > I find the idea of starting from scratch frustrating. MAC solves a set of > specific problems and has a well defined use case. It's symmetric key based > which doesn't work for some folks, and the question is do we try to develop > something that supports both PK and SK, or finish the SK use case and then > work on a PK based draft. > > I think it's better to leave them separate and finish out MAC which is *VERY > CLOSE* to being done.
Who is interested in MAC? People can use OAuth 1.0 if they prefer that model. For my projects, I prefer the flexibility of a signed or encrypted JWT if I need holder of key. Just my $.02 -- Dick
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth