I am getting ready to making a complete rewrite of the current OAuth spec. The idea is to make it much easier to read without changing anything that will impact implementation. This will be useful both for clarity but also as a better starting point for the upcoming OAuth effort at the IETF.
What I would like to ask people who have read the spec or implemented it to share as many problems, errors, failures, mistakes, misunderstandings, wasted time, etc. caused by the spec not being clear enough. You can simply describe the error (did not sort parameter, did not %-encode, %-encoded twice, etc.) or the section of the spec you had to read 325 times before it made any sense. Please reply to this thread so we have a public inventory of OAuth FAILs. EHL --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
