+1 on pushing up error_description and error_uri
I think client_id might be worth keeping low since it is often used even
when in combination with client_secret. See OAuth Mtls as an example.
On Mon, 27 Aug 2018 at 18:20, Jim Schaad wrote:
>
>
> > -Original Message-
> > From: Ace On
> -Original Message-
> From: Ace On Behalf Of Ludwig Seitz
> Sent: Monday, August 27, 2018 12:52 AM
> To: ace@ietf.org
> Subject: [Ace] Parameter abbreviation number ranges for
draft-ietf-ace-oauth-
> authz
>
> Hello group,
>
> at IETF 102 there was a discussion about the numerical
Hello group,
at IETF 102 there was a discussion about the numerical abbreviations we
introduced for both OAuth parameter names and access token claim names.
I have generated a proposal that makes better use of the number space,
but I'd like the OAuth specialists to have a look at it and see