I agree, the consumer should be informed whether the service provider is 1.0 or 1.0a, before it redirects the user for authorization. In addition to the reasons noted above, it enables a consumer to protect the user from the security hole in 1.0, by refusing to work with a 1.0 service provider. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
- [oauth] Re: OAuth Core 1.0 Rev... Manish Pandit
- [oauth] Re: OAuth Core 1.0 Rev... Breno de Medeiros
- [oauth] Re: OAuth Core 1.0 Rev A, Draft 2 Brian Eaton
- [oauth] Re: OAuth Core 1.0 Rev A, Draft 2 Eran Hammer-Lahav
- [oauth] Re: OAuth Core 1.0 Rev A, Draft 2 Brian Eaton
- [oauth] Re: OAuth Core 1.0 Rev A, Draft 2 Eran Hammer-Lahav
- [oauth] Re: OAuth Core 1.0 Rev A, Draft 2 John Kemp
- [oauth] Re: OAuth Core 1.0 Rev A, Draft... Jonathan Sergent
- [oauth] Re: OAuth Core 1.0 Rev A, ... Eran Hammer-Lahav
- [oauth] Re: OAuth Core 1.0 Rev... Mike Fleming
- [oauth] Re: OAuth Core 1.0 Rev... John Kristian
- [oauth] Re: OAuth Core 1.0 Rev A, Draft 2 Allen Tom
- [oauth] Re: OAuth Core 1.0 Rev A, Draft 2 Eran Hammer-Lahav
- [oauth] Re: OAuth Core 1.0 Rev A, Draft 2 Brian Eaton
- [oauth] Re: OAuth Core 1.0 Rev A, Draft 2 Eran Hammer-Lahav
- [oauth] Re: OAuth Core 1.0 Rev A, Draft 2 Rasmus
