> -Original Message-
> From: Freeman, Tim [mailto:tim.free...@hp.com]
> Sent: Friday, March 25, 2011 11:48 AM
> Tim:
> > Section 2.1.1 says "If a redirection URI was registered, the
> > authorization server MUST compare any redirection URI received at the
> > authorization endpoint with
Snipping out everything I agree with, there's only this remaining, including
some context so this email might make sense in isolation:
Tim:
> Section 2.1.1 says "If a redirection URI was registered, the authorization
> server MUST compare any redirection URI received at the authorization
> endpoi
> -Original Message-
> From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
> Of Freeman, Tim
> Sent: Tuesday, March 15, 2011 2:56 PM
I think authorization, user-agent, endpoint are well understood terms among
those working with HTTP which OAuth clearly requires a ce
Hi, I've been out of this for a while working on something else. To get back
in, I read through the latest draft and have some feedback. The fact that I've
been paying attention to other things for a while means my feedback has a
different slant from that of people who have been engaged. On the
