Eran Hammer writes:
> There is a lot of history on this thread.
I know. I have read it all. Frankly, I feel that Michael was treated
poorly by the members of this group.
> At the heart of it is a request from a working group member that the
> specification makes it clear that OAuth does not p
I just noticed that there is a similar situation in ยง4.1* and 4.2**
where there's a MUST before defining the HTTP parameters but some of
the individual parameters are marked as OPTIONAL.
The MUST should probably be dropped.
* http://tools.ietf.org/html/draft-ietf-oauth-assertions-01#section-4.1
*
On 2012-04-23 23:19, Eran Hammer wrote:
During the IESG review of draft-ietf-oauth-v2, Sean Turner raised the
following DISCUSS item (meaning, the specification is blocked until this
is resolved):
> 0) General: I found the lack of ABNF somewhat disconcerting in that
> implementers would have
This topic should not have been raised again with this mailing list as we
did reach a consensus before. What happened was that Barry sent a targeted
email to some people, including Michael Thomas, regarding some additional
wording as part of his shepard review. Michael inadvertently replied to
thi