The words implicit vs. explicit might not have been the best choice but the
concepts are complicated and subtle and I was (and still am) at a bit of a
lose for the right language to describe things.
By explicit what I was trying to express is that the token that is going
cross-domain is explicitly
_
>>> OAuth mailing list
>>> OAuth@ietf.org
>>> https://www.ietf.org/mailman/listinfo/oauth
>>>
>>>
>>
>> --
>> *CONFIDENTIALITY NOTICE: This email may contain confidential and privileged
>> mater
, use,
> distribution or disclosure by others is strictly prohibited. If you have
> received this communication in error, please notify the sender immediately
> by e-mail and delete the message and any file attachments from your
> computer. Thank you.*
> -- next pa
+1 to Brian
-1 to the proposed text from Denis
> On Dec 8, 2017, at 8:48 PM, Brian Campbell wrote:
>
> The privacy matter is already mentioned. Despite your many messages to this
> WG and others about the so called ABC attack, I do not believe it warrants
> treatment in this document or othe
I couldn't get the QR code to work... ;)
On Mon, Nov 27, 2017 at 6:55 AM, Rifaat Shekh-Yusef
wrote:
> All,
>
> As discussed in Singapore, we are starting a WGLC for the
> *draft-ietf-oauth-device-flow-07* document, starting today and ending on
> December 11, 2018.
> https://datatracker.ietf.org/