On Thu, Apr 1, 2010 at 10:10 PM, Eran Hammer-Lahav <[email protected]> wrote: > The current draft allows the following characters: > > value-char = ALPHA / DIGIT / "-" / "." / "_" / "~" / "%" > > Which means a utf-8 string will need to be encoded somehow. Should it be > percent-encoded? Something else?
Why do we have this limitation (sorry if I missed a discussion around this)? Usernames and password, for example, are guaranteed to have problems. I think it is much better for the protocol/libraries to take care of encoding/decoding. Marius > > EHL > > > On 4/1/10 10:00 PM, "Marius Scurtescu" <[email protected]> wrote: > > On Thu, Apr 1, 2010 at 9:54 PM, Eran Hammer-Lahav <[email protected]> > wrote: >> What is the assertion format? Binary? XML? Should the library encode it? >> Is >> the application using the library responsible for providing it with a >> URI-safe string? > > UTF-8 string I guess, the rest should not matter. > > Marius > > _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
