On Sep 17, 9:55 am, Eran Hammer-Lahav <[email protected]> wrote: > OAuth Core 1.0 (or a) does *not* include PUT body parameters in the signature > base string. That is a bug which I already fixed a while back in the very > first I-D:
Thank you for your clarification. But is this just a draft and would you recommend that I refer the to IETF draft as the canonical specification of OAuth, when talking to consumer developers? > Too bad very few people actually bother to read the IETF drafts and provide > feedback. For the record, I had to restrain myself in that last sentence from > using offensive language. I think the reason that people don't read the IETF drafts are because the only mention of IETF on oauth.net is in reference to the mailing list and that the Documentation section doesn't link to them. Hannes --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
