While this work addresses a gap in the existing OAuth specification set, I am very concerned that this incremental extension will lead to even more confusion around the areas of “scope”, “audience” and “resource server”.
I think we should try to solve this problem via a framework that provides better guidance and implementation models for OAuth use-cases. In other words, I feel that a broader discussion is needed here. > On Apr 7, 2016, at 4:11 PM, Justin Richer <jric...@mit.edu> wrote: > > I support adoption of this document as a starting point for working group > work. > > — Justin > > >> On Apr 6, 2016, at 1:25 PM, Hannes Tschofenig <hannes.tschofe...@gmx.net> >> wrote: >> >> Hi all, >> >> this is the call for adoption of 'Resource Indicators for OAuth 2.0', see >> http://datatracker.ietf.org/doc/draft-campbell-oauth-resource-indicators/ >> >> Please let us know by April 20th whether you accept / object to the >> adoption of this document as a starting point for work in the OAuth >> working group. >> >> Note: If you already stated your opinion at the IETF meeting in Buenos >> Aires then you don't need to re-state your opinion, if you want. >> >> The feedback at the BA IETF meeting was the following: ~10 persons >> for accepting the document and 0 persons against. >> >> Ciao >> Hannes & Derek >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
