On Thu, Apr 30, 2009 at 2:34 PM, Luca Mearelli <[email protected]> wrote: > > On Thu, Apr 30, 2009 at 2:29 PM, Hubert Le Van Gong <[email protected]> > wrote: >> One nitpick: "a non-guessable value" is not very precise. Why not saying >> something like a UUID (even though it may not have to be unique). > > because in those cases where it has to be manually inputted by the > user it will have to be short enough (e.g. PIN-like)
Right - I had parse that with a security-centric lens on so "non-guessable" raised some flags... :) Hubert --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
