This is a call for consensus on accepting Eran's latest OAuth draft,
draft-hammer-oauth2 [1] as a working group item. Assuming no
objections by end-of-day Tuesday, April 22nd, this draft will be
promoted to an active working group document on Wednesday, April 23rd.
b.
[1]
Blaine... Might you have meant April 27th?
On 4/23/10 1:20 PM, Blaine Cook wrote:
This is a call for consensus on accepting Eran's latest OAuth draft,
draft-hammer-oauth2 [1] as a working group item. Assuming no
objections by end-of-day Tuesday, April 22nd, this draft will be
promoted to an
Do you mean April 29 (Thu) and April 30th (Fri)?
This is a call for consensus on accepting Eran's latest OAuth draft,
draft-hammer-oauth2 [1] as a working group item. Assuming no
objections by end-of-day Tuesday, April 22nd, this draft will be
promoted to an active working group document on
Regarding the second comment I made below: I realized last night that Sections
3.7.1 and 3.7.2 get this more correct, by saying that an autonomous client
represents a separate resource owner. So Section 2.2 definitely needs a
slight change, from:
...and autonomous flows where the client is
- Authorization server doesn’t return approval URL - device hard-codes
this instead.
I expect that this will point to a manufacturer specific page, and
that the manufacturer specific page will automatically redirect to a
page on the authorization server.
Why not returning
Full support.
Igor
Blaine Cook wrote:
This is a call for consensus on accepting Eran's latest OAuth draft,
draft-hammer-oauth2 [1] as a working group item. Assuming no
objections by end-of-day Tuesday, April 22nd, this draft will be
promoted to an active working group document on Wednesday,
I was surprised that this announcement didn't garner more commentary
from the list here, as this decision worries me a little bit. There are
a lot of components of the OAuth protocol that aren't stabilized into a
real standard yet, and I'm worried that the Facebook implementation of
OAuth 2.0 will
Hi all guys, Paul very nice to meet you :)
at the era I started writing the first version of the Amber proposal,
my Cocoon3 mates Reinhard Poetz and Steven Dolg were interested, I'll
ping them to get them involved.
Quick question: can anyone tell me please where I can share the first
draft of the
On 4/23/10 8:05 AM, Prateek Mishra wrote:
Do you mean April 29 (Thu) and April 30th (Fri)?
Clearly yes.
This is a call for consensus on accepting Eran's latest OAuth draft,
draft-hammer-oauth2 [1] as a working group item. Assuming no
objections by end-of-day Tuesday, April 22nd, this draft
Hey Justin, al-
I'll send a more complete email this afternoon with the details of the Facebook
OAuth deployment. For now I just wanted to respond to your questions:
Is Facebook committed to tracking the spec in its development
Yes. Our main focus right now is stability and bug fixing for
just as a counter - twitter is taking a more paced stance. our @anywhere is
built upon the oauth2 draft from a few weeks ago, and we're going to be
spending a portion of next week catching it up to the current draft. its my
personal goal to open the endpoint up so that developers can start to
On Fri, Apr 16, 2010 at 8:09 PM, Eran Hammer-Lahav e...@hueniverse.comwrote:
On 4/16/10 6:00 PM, Evan Gilbert uid...@google.com wrote:
- Add text to the spec to give overview of options for native app
developers
I need a proposal.
Here's a proposal for text to cover the options for
I suspect the key concept is realising that there can be many authz URIs — and
that that is ok. OAuth libraries should support this concept — perhaps by not
expecting a single authz URI to be provided in a config file.
I fully agree with your statement. Authorization servers may use
This looks about right.
EHL
-Original Message-
From: Torsten Lodderstedt [mailto:tors...@lodderstedt.net]
Sent: Friday, April 23, 2010 3:31 PM
To: Manger, James H
Cc: Brian Eaton; Eran Hammer-Lahav; OAuth WG
Subject: Re: [OAUTH-WG] 'Scope' parameter proposal
I suspect the key
On Thu, Apr 22, 2010 at 6:11 PM, Manger, James H
james.h.man...@team.telstra.com wrote:
We mustn't drop advertisements (details in 401 responses).
We mustn't drop the goal of a standard for interoperability.
I share the goals, I just don't think that a specification is the way
to get there. I
I sent this reply to Brian's original email earlier, but forgot to click
reply-all.
I disagree with hardcoding the approval URL into the device. To enable short
URLs, there's nothing in the spec preventing the Auth Server from returning a
different approval URL for each client id.
16 matches
Mail list logo