Moving the discussions to an appendix sounds good. > On 26. Nov 2019, at 08:17, Daniel Fett <f...@danielfett.de> wrote: > > Am 25.11.19 um 23:02 schrieb Torsten Lodderstedt: >> Parts of the text in section 4 capture discussions of potential solutions >> and reasons why we decided in favor of a certain solution. I think this will >> be useful in the future and it has already proven useful for me, e.g. in the >> recent discussions around PoP vs audience restriction. > Then let's move these discussions to an appendix or a separate document. I > have the feeling that some sections have too many "could"s, "might"s and > "should"s for a normative document. Another point is that the alternative > solutions that we are discussing often have not been analyzed as thoroughly > as the recommended solutions (see, e.g., PKCE vs. Code-bound State vs. Token > binding for Code). > > -Daniel > >
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth