We should strive to do as much as rough consensus allows. The way we decide what's in scope is by discussing it until we reach a mature proposal. Objections must always come with a technical argument why the proposal is bad.
All specs include features that are a little bit experimental (in OAuth 1.0 it was Google's demand for RSA support). There is nothing wrong with that as long as the core (and required) parts are well specified. People are here for many reasons. EHL > -----Original Message----- > From: Yaron Goland [mailto:[email protected]] > Sent: Tuesday, May 11, 2010 4:10 PM > To: Brian Eaton; Eran Hammer-Lahav > Cc: OAuth WG ([email protected]) > Subject: RE: [OAUTH-WG] sites with wildcard > > Limited views on what a protocol is far tend to produce protocols that are > actually interoperable. We should strive to do as little as possible in the > standard and make sure we do a great job leaving the door open to later > extensions. > > > -----Original Message----- > > From: [email protected] [mailto:[email protected]] On Behalf > > Of Brian Eaton > > Sent: Tuesday, May 11, 2010 11:39 AM > > To: Eran Hammer-Lahav > > Cc: OAuth WG ([email protected]) > > Subject: Re: [OAUTH-WG] sites with wildcard > > > > On Tue, May 11, 2010 at 11:03 AM, Eran Hammer-Lahav > > <[email protected]> wrote: > > > That's a pretty limited view on what OAuth 2.0 is for. > > > > It it what has brought a large community into this mailing list. > > _______________________________________________ > > OAuth mailing list > > [email protected] > > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
