I think the main difference is that User-Agent clients (aka JavaScript
clients) cannot store a secret while Native Apps can safely store a
secret, but the secret cannot be distributed (or, even if it can be
distributed, it may not have much value).
The difference is important. Each native app
If we consider HTML5 browser, I am not sure there is a clear
separation betweeen native apps and user agent clients. What is the
technical difference between a native app and a browser that support
HTML 5 localStorage ?
On Fri, Jun 25, 2010 at 9:22 AM, Marius Scurtescu mscurte...@google.com
Subject: Re: [OAUTH-WG] client secret used in Native App profile
I think the line between 'native apps' and 'user-agent apps' is fuzzier than
that. if the only difference being considered is that user-agent apps are not
compiled (Javascript) vs. native apps that are, that is not the whole