I would suggest that people don't spend time on editorial and formatting of 
their proposed text. Just post either documents or snippets and I will 
incorporate them into the spec as soon as possible. I have the next 4 weeks set 
aside for making significant progress on this document.

EHL

> -----Original Message-----
> From: [email protected] [mailto:[email protected]] On Behalf
> Of Brian Eaton
> Sent: Wednesday, March 24, 2010 10:25 AM
> To: Dick Hardt
> Cc: OAuth WG
> Subject: Re: [OAUTH-WG] new sponsorship, time available for WG
> 
> On Tue, Mar 23, 2010 at 10:18 PM, Dick Hardt <[email protected]> wrote:
> > Microsoft recently offered to sponsor me to work on OAuth. For the
> > past few months I have participated in the WG on my own time, but I am
> > now able to devote a significant amount of time to this WG.
> 
> Sweet.
> 
> > At the IETF post meeting this week,  there was discussion of working
> > on both draft-hardt-oauth and draft-recordon-oauth2.  David's draft
> > has garnered much discussion, much of it comments on what was dropped
> > from WRAP. Similarly, if draft-hardt-oauth was revised to include
> > signatures, it likely would also generate discussion. Seems like a
> > waste for the WG to be providing comments on two documents.
> 
> So there is a bunch of good stuff in both documents.
> 
> What I like from David's draft:
> - device profile
> - adding oauth_mode
> - single refresh token workflow (though as David points out in another
> thread, this needs tweaking.)
> 
> What I like from WRAP:
> - a whole bunch of profiles and use cases that got dropped from David's
> draft.
> 
> I don't think the OAuth 1.0 signature scheme is a good choice for OAuth 2,
> but we talked in person at IETF about some alternatives.
> Dick and I both have opinions on what we think it should look like, I'm hoping
> Dick will write it up soon.
> 
> I'm going to write up some security considerations (I think Richard Barnes is
> interested, too), based mostly on the WRAP draft, plus some of the profiles
> from the OAuth2 draft.
> 
> So short-term we are probably going to end up with more documents rather
> than fewer.  I think the discussion is going really well and I'm happy to have
> so many people participating.
> 
> Cheers,
> Brian
> _______________________________________________
> OAuth mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to