WIll do. Glad to hear you have a bunch of time on your hands. On 2010-03-24, at 11:53 AM, Eran Hammer-Lahav wrote:
> I would suggest that people don't spend time on editorial and formatting of > their proposed text. Just post either documents or snippets and I will > incorporate them into the spec as soon as possible. I have the next 4 weeks > set aside for making significant progress on this document. > > EHL > >> -----Original Message----- >> From: [email protected] [mailto:[email protected]] On Behalf >> Of Brian Eaton >> Sent: Wednesday, March 24, 2010 10:25 AM >> To: Dick Hardt >> Cc: OAuth WG >> Subject: Re: [OAUTH-WG] new sponsorship, time available for WG >> >> On Tue, Mar 23, 2010 at 10:18 PM, Dick Hardt <[email protected]> wrote: >>> Microsoft recently offered to sponsor me to work on OAuth. For the >>> past few months I have participated in the WG on my own time, but I am >>> now able to devote a significant amount of time to this WG. >> >> Sweet. >> >>> At the IETF post meeting this week, there was discussion of working >>> on both draft-hardt-oauth and draft-recordon-oauth2. David's draft >>> has garnered much discussion, much of it comments on what was dropped >>> from WRAP. Similarly, if draft-hardt-oauth was revised to include >>> signatures, it likely would also generate discussion. Seems like a >>> waste for the WG to be providing comments on two documents. >> >> So there is a bunch of good stuff in both documents. >> >> What I like from David's draft: >> - device profile >> - adding oauth_mode >> - single refresh token workflow (though as David points out in another >> thread, this needs tweaking.) >> >> What I like from WRAP: >> - a whole bunch of profiles and use cases that got dropped from David's >> draft. >> >> I don't think the OAuth 1.0 signature scheme is a good choice for OAuth 2, >> but we talked in person at IETF about some alternatives. >> Dick and I both have opinions on what we think it should look like, I'm >> hoping >> Dick will write it up soon. >> >> I'm going to write up some security considerations (I think Richard Barnes is >> interested, too), based mostly on the WRAP draft, plus some of the profiles >> from the OAuth2 draft. >> >> So short-term we are probably going to end up with more documents rather >> than fewer. I think the discussion is going really well and I'm happy to >> have >> so many people participating. >> >> Cheers, >> Brian >> _______________________________________________ >> OAuth mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/oauth > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
