+1 > 29 feb. 2016 kl. 15:41 skrev Brian Campbell <bcampb...@pingidentity.com>: > > +1 > > On Fri, Feb 19, 2016 at 9:28 PM, Vladimir Dzhuvinov <vladi...@connect2id.com > <mailto:vladi...@connect2id.com>> wrote: > +1 > > On 19/02/16 23:59, Justin Richer wrote: > > The newly-trimmed OAuth Discovery document is helpful and moving in the > > right direction. It does, however, still have too many vestiges of its > > OpenID Connect origins. One issue in particular still really bothers me: > > the use of “/.well-known/openid-configuration” in the discovery portion. Is > > this an OAuth discovery document, or an OpenID Connect one? There is > > absolutely no compelling reason to tie the URL to the OIDC discovery > > mechanism. > > > > I propose that we use “/.well-known/oauth-authorization-server” as the > > default discovery location, and state that the document MAY also be > > reachable from “/.well-known/openid-configuration” if the server also > > provides OpenID Connect on the same domain. Other applications SHOULD use > > the same parameter names to describe OAuth endpoints and functions inside > > their service-specific discovery document. > > > > — Justin > > _______________________________________________ > > OAuth mailing list > > OAuth@ietf.org <mailto:OAuth@ietf.org> > > https://www.ietf.org/mailman/listinfo/oauth > > <https://www.ietf.org/mailman/listinfo/oauth> > > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org <mailto:OAuth@ietf.org> > https://www.ietf.org/mailman/listinfo/oauth > <https://www.ietf.org/mailman/listinfo/oauth> > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
