Re: [OAUTH-WG] OAuth2 Implementation questions (client secret and refresh tokens)

2011-09-16 Thread Torsten Lodderstedt
Hi Dave, there has been a long debate about native client security and you can also find a comprehensive analysis in the security document. It's just a fact that such clients cannot reliably be authenticated in a public environment (even if malicious clients can be detected in some cases).

Re: [OAUTH-WG] Reviewing draft-ietf-oauth-v2-21

2011-09-16 Thread Torsten Lodderstedt
I reviewed the diffs and it looks ok. regards, Torsten. On 07.09.2011 17:59, Barry Leiba wrote: As you've all probably seen, Eran has posted version 21 of the OAuth base spec, in which he believes he's addressed all comments and issues that came up in the review of version 20. We should be

[OAUTH-WG] Fwd: New Version Notification for draft-lodderstedt-oauth-revocation-03.txt

2011-09-16 Thread Torsten Lodderstedt
Hi all, I just published a new revision of the token revocation draft. We added JSONP support (thanks to Marius) and aligned the text with draft 21 of the core spec. We would like to bring this draft forward as working group item (once the WG is ready). We think its relevance is illustrated

Re: [OAUTH-WG] Reviewing draft-ietf-oauth-v2-21

2011-09-16 Thread Phillip Hunt
Agreed. Phil On 2011-09-16, at 12:08, Torsten Lodderstedt tors...@lodderstedt.net wrote: I reviewed the diffs and it looks ok. regards, Torsten. On 07.09.2011 17:59, Barry Leiba wrote: As you've all probably seen, Eran has posted version 21 of the OAuth base spec, in which he

Re: [OAUTH-WG] Fwd: New Version Notification for draft-lodderstedt-oauth-revocation-03.txt

2011-09-16 Thread Chuck Mortimore
If it's not already implicit by our implementation, I'm voicing our support for this becoming a working group item. - cmort On Sep 16, 2011, at 12:31 PM, Torsten Lodderstedt tors...@lodderstedt.net wrote: Hi all, I just published a new revision of the token