t-ietf-oauth-v2-bearer.xml (will
> point to new versions as they are posted)
>
> · http://svn.openid.net/repos/specifications/oauth/2.0/ (Subversion
> repository, with html, pdf, txt, and html versions available)
>
>
>
>
arius
>> ___
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
> ___
> OAuth mailing list
> OAuth@ietf.org
> https://w
__
>> > OAuth mailing list
>> > OAuth@ietf.org
>> > https://www.ietf.org/mailman/listinfo/oauth
>> ___
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>
>
> _
on all
> the ways that the ignore rule can go wrong if extensions aren’t handled
> carefully.
>
>
>
> Thoughts?
>
>
>
> Thanks,
>
>
>
> Yaron
>
> ______
e the kind of developer who will start evaling strings send
from the server then there's not much hope of their application being
secure, regardless of OAuth.
Ian
--
Ian McKellar <http://ian.mckellar.org/>
i...@mckellar.org: email | jabber | m
, scope, and expires_in to the redirection URI fragment using
>>> theapplication/x-www-form-urlencoded format as defined by...
>>>
>>>
>>>
>>> Since the scope applies equally to both the code and access_token
>>> parameters, it seems that scope shoul
t;
> EHL
>
>
>
> From: Andrew Arnott [mailto:andrewarn...@gmail.com]
> Sent: Friday, July 02, 2010 7:24 PM
> To: Eran Hammer-Lahav
> Cc: Ian McKellar; Marius Scurtescu; OAuth WG (oauth@ietf.org)
> Subject: Re: [OAUTH-WG] Security of user agent clients (WAS: End user auth
