On May 8, 9:10 pm, Darren Bounds <[email protected]> wrote:
> I think was a little unclear in my statement regarding the Consumers'
> duties. Allow me to rephrase:
>
> As a consumer you need to do one of two things:
>
> 1) Mixed Binding - Ensure the user who initiated the dance is the one
> who completed it and then associate the access token/secret with that
> user.
> 2) Late Binding - Only rely on the identity of the user who completed
> the dance and associated the access token/secret with that user.
>
> What you've described is 'Early Binding' and generally a bad idea for
> the very reason called out.
>
> Darren
>
>
>
Thanks, Darren. I am a provider, so I'd have to "trust" the consumer
to do the right thing in this case..I cannot think of anything else
either :(
-cheers,
Manish
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"OAuth" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [email protected]
For more options, visit this group at http://groups.google.com/group/oauth?hl=en
-~----------~----~----~----~------~----~------~--~---
