On 01/09/2013 11:02 PM, Derek Atkins wrote: > Barry Leiba <barryle...@computer.org> writes: > >>> Corrected Text >>> -------------- >>> Resource owners cannot revoke access to an individual third party without >>> revoking access >>> to all third parties, and must do so by changing their password. >>> >>> Notes >>> ----- >>> The text was originally "their" but changed to "the third party's" between >>> the last draft and RFC. >>> However, "their" means "resource owners'", not "the third party's". >> >> Yes, this appears to be a change the RFC Editor made that the authors >> didn't notice in AUTH48. But the RFC Editor change it from "their" >> because "their" wasn't clear. Changing it back to "their" won't help >> that. I suggest editing the corrected text to "by changing the >> resource owner's password" before marking this as Verified. > > Yep, I suggested that same change in a private email to Stephen, so I > would prefer this modification.
Ok, assuming nobody objects I'll verify this that way tomorrow. Cheers, S > >> Barry > > -derek > _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth