Errata 5708 has been reported attempting to clarify the situation.
https://www.rfc-editor.org/errata/eid5708
On Mon, Apr 22, 2019 at 9:53 AM Thomas Broyer wrote:
> And the root issue is that it *is* subject to interpretation.
>
> Parameters sent without a value MUST be treated as if they were
>
The following errata report has been submitted for RFC6749,
"The OAuth 2.0 Authorization Framework".
--
You may review the report below and at:
http://www.rfc-editor.org/errata/eid5708
--
Type: Editorial
Reported by: Brian Ca