hi, FWIW I also find Option A easier to understand/implement.
regards antonio On Feb 19, 2016, at 8:42 PM, Hannes Tschofenig <hannes.tschofe...@gmx.net> wrote: > Early February I posted a mail to the list to make progress on the > solution to the OAuth Authorization Server Mix-Up problem discovered > late last year. > > Here is my mail about the Authorization Server Mix-Up: > http://www.ietf.org/mail-archive/web/oauth/current/msg15336.html > > Here is my mail to the list that tries to summarize the discussion > status and asked a few questions: > http://www.ietf.org/mail-archive/web/oauth/current/msg15697.html > > Unfortunately, my mail didn't lead to the intended success. While there > was some feedback I wasn't getting the desired response. > > In order to move forward I believe we need a working group document that > serves as a starting point for further work in the group*. We have two > documents that provide similar functionality in an attempt to solve the > Authorization Server Mix-Up problem. > > So, here is the question for the group. Which document do you want as a > starting point for work on this topic: > > -- Option A: 'OAuth 2.0 Mix-Up Mitigation' by Mike Jones and John Bradley > > Link: > https://tools.ietf.org/html/draft-jones-oauth-mix-up-mitigation-01 > > -- Option B: 'OAuth Response Metadata' by Nat Sakimura, Nov Matake and > Sascha Preibisch > > Link: > https://tools.ietf.org/html/draft-sakimura-oauth-meta-07 > > Deadline for feedback is March, 4th. > > Ciao > Hannes & Derek > > PS: (*) Regardless of the selected solution we will provide proper > acknowledgement for those who contributed to the work. > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
