On 3/30/10 9:25 PM, "Brian Eaton" <[email protected]> wrote: > On Tue, Mar 30, 2010 at 9:20 PM, Eran Hammer-Lahav <[email protected]> > wrote: >> The makes client request parameter much simpler as the only parameter >> "invading" the URI or body space of the request is oauth_token. Anything >> else is limited to the header. > > Why would oauth_token ever hit the URI or body in a signed request? It wouldn't. I meant in the entire spec (i.e. Bearer tokens). EHL _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
- [OAUTH-WG] Limiting signed requests to use the Authori... Eran Hammer-Lahav
- Re: [OAUTH-WG] Limiting signed requests to use th... Brian Eaton
- Re: [OAUTH-WG] Limiting signed requests to us... David Recordon
- Re: [OAUTH-WG] Limiting signed requests to us... Eran Hammer-Lahav
- Re: [OAUTH-WG] Limiting signed requests to use th... Paul C. Bryan
- Re: [OAUTH-WG] Limiting signed requests to us... Torsten Lodderstedt
- Re: [OAUTH-WG] Limiting signed requests to use th... Moore, Jonathan
- Re: [OAUTH-WG] Limiting signed requests to us... George Fletcher
- Re: [OAUTH-WG] Limiting signed requests t... Eran Hammer-Lahav
- Re: [OAUTH-WG] Limiting signed reques... Anthony Nadalin
- Re: [OAUTH-WG] Limiting signed r... Eran Hammer-Lahav
- Re: [OAUTH-WG] Limiting sign... George Fletcher
- Re: [OAUTH-WG] Limiting ... Allen Tom
- Re: [OAUTH-WG] Limiting ... Igor Faynberg
