Thanks for the info, Torsten. Your feedback raises an interesting question, namely what functionality the parties have to implement to claim conformance to the specification.
Quickly scanning through the specification didn't tell me whether it is OK to just implement the plain mode or whether both modes are mandatory-to-implement. We have to say something about this. Ciao Hannes On 02/18/2015 02:16 PM, tors...@lodderstedt.net wrote: > Hi Hannes, > > our implementation supports the "plain" mode only. We just verified > compliance of our implementation with the current spec. As the only > deviation, we do not enforce the minimum length of 43 characters of the > code verifier. > > kind regards, > Torsten. > > Am 17.02.2015 17:48, schrieb Hannes Tschofenig: >> Hi Torsten, >> >> does this mean that your implementation is not compliant with the >> current version anymore or that you haven't had time to verify whether >> there are differences to the earlier version? >> >> Ciao >> Hannes >> >> >> On 01/31/2015 05:34 PM, Torsten Lodderstedt wrote: >>> Deutsche Telekom also implemented an early version of the draft last >>> year. >>> >>> >>> >>> Am 30.01.2015 um 18:50 schrieb Brian Campbell >>> <bcampb...@pingidentity.com <mailto:bcampb...@pingidentity.com>>: >>> >>>> >>>> On Tue, Jan 27, 2015 at 9:24 AM, Hannes Tschofenig >>>> <hannes.tschofe...@gmx.net <mailto:hannes.tschofe...@gmx.net>> wrote: >>>> >>>> >>>> 1) What implementations of the spec are you aware of? >>>> >>>> >>>> We have an AS side implementation of an earlier draft that was >>>> released in June of last year: >>>> http://documentation.pingidentity.com/pages/viewpage.action?pageId=26706844 >>>> >>>> _______________________________________________ >>>> OAuth mailing list >>>> OAuth@ietf.org <mailto:OAuth@ietf.org> >>>> https://www.ietf.org/mailman/listinfo/oauth
signature.asc
Description: OpenPGP digital signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
