On 6/13/2014 7:15 PM, Phil Hunt wrote:
Would it be better if we thought about this as the authentication “bug”?
How can there be an authentication "bug" when OIDC has addressed it backed by multiple implementations by different parties? Why don't you see if OIDC addresses the minor optimizations you are proposing in a4c before creating competing specifications which will only confuse and fragment the community?
-- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
