[+oauth mailing list] Seems like the right thing to do.
I'm going to declare http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/drafts/8/draft-eaton-oauth-bodyhash.html final tomorrow. Changes since the last revision: - omit oauth_body_hash on all request token and access token requests; this improves compatibility with various strict OAuth SPs. - include oauth_body_hash everywhere else. - lots of clean up and general editorial improvements from Eran. Thanks to everyone who contributed feedback on this spec. On Thu, Apr 2, 2009 at 2:27 PM, Louis Ryan <[email protected]> wrote: > Hi, > > I'd like to refer to the oauth_body_hash signing proposal as a SHOULD in the > JSON_RPC spec in replacement for the ad-hoc body signing mechanism mentioned > in section 8. See > http://opensocial-resources.googlecode.com/svn/spec/draft/RPC-Protocol.xml#rfc.section.8 > > Any objections? > > -Louis > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
