Cool. You may recall these previous discussion on this list of questions of mine that stemmed from reading of the spec: Lexicographical ordering of parameters<http://groups.google.com/group/oauth/browse_thread/thread/7c698004be0d536/0add9f7a4eb9ffbf?lnk=gst&q=Lexicographical+ordering+of+parameters#0add9f7a4eb9ffbf>
Is oauth_token required in SP redirect to Consumer?<http://groups.google.com/group/oauth/browse_thread/thread/563f3824b7a97be0/dde5f3b2700bc7de?lnk=gst&q=arnott#dde5f3b2700bc7de> I'd love to see the spec fixed up so that these questions are implicitly answered. -- Andrew Arnott "I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - Voltaire On Tue, Feb 24, 2009 at 3:25 PM, Eran Hammer-Lahav <[email protected]>wrote: > > I am getting ready to making a complete rewrite of the current OAuth spec. > The idea is to make it much easier to read without changing anything that > will impact implementation. This will be useful both for clarity but also > as > a better starting point for the upcoming OAuth effort at the IETF. > > What I would like to ask people who have read the spec or implemented it to > share as many problems, errors, failures, mistakes, misunderstandings, > wasted time, etc. caused by the spec not being clear enough. > > You can simply describe the error (did not sort parameter, did not > %-encode, > %-encoded twice, etc.) or the section of the spec you had to read 325 times > before it made any sense. > > Please reply to this thread so we have a public inventory of OAuth FAILs. > > EHL > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
