As a substantive comment on the draft (I'm in favor of it being a working
group item), it is not clear whether Basic is a required value on the
Authorization header included in a revocation request. In some scenarios
(particularly three legged), the client app will not possess the username
and
Hi Craig,
thanks for your comment.
The revocation endpoint uses
the same authentication policy as the core spec. Confidential client
must authenticate using their client secret (or any other credential).
The end-user's credentials are not involved at all.
regards,
Torsten.
Am
+1
Huilan Lu
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of
Marius Scurtescu
Sent: Monday, September 19, 2011 2:48 PM
To: Chuck Mortimore
Cc: OAuth WG
Subject: Re: [OAUTH-WG] Fwd: New Version Notification for
draft-lodderstedt-oauth-revocation-03.txt
+1
On Fri, Sep
Yes, this is high time to have this a WG item!
Igor
On 9/16/2011 3:32 PM, Torsten Lodderstedt wrote:
Hi all,
I just published a new revision of the token revocation draft. We
added JSONP support (thanks to Marius) and aligned the text with draft
21 of the core spec.
We would like to bring
+1
On Fri, Sep 16, 2011 at 1:06 PM, Chuck Mortimore
cmortim...@salesforce.comwrote:
If it's not already implicit by our implementation, I'm voicing our support
for this becoming a working group item.
- cmort
On Sep 16, 2011, at 12:31 PM, Torsten Lodderstedt
tors...@lodderstedt.net
To: Chuck Mortimore
Cc: OAuth WG
Subject: Re: [OAUTH-WG] Fwd: New Version Notification for
draft-lodderstedt-oauth-revocation-03.txt
+1
On Fri, Sep 16, 2011 at 1:06 PM, Chuck Mortimore
cmortim...@salesforce.commailto:cmortim...@salesforce.com wrote:
If it's not already implicit by our
Hi all,
I just published a new revision of the token revocation draft. We added
JSONP support (thanks to Marius) and aligned the text with draft 21 of
the core spec.
We would like to bring this draft forward as working group item (once
the WG is ready). We think its relevance is illustrated
If it's not already implicit by our implementation, I'm voicing our support for
this becoming a working group item.
- cmort
On Sep 16, 2011, at 12:31 PM, Torsten Lodderstedt
tors...@lodderstedt.netmailto:tors...@lodderstedt.net wrote:
Hi all,
I just published a new revision of the token
