You earlier stated that multiple AS was out of scope. I am aligned that using OAuth 2.0 needs to support the widely deployed social web use cases -- if you recall, I drove getting rid of the signature requirement! :)
On Fri, Jun 4, 2010 at 9:45 AM, Luke Shepard <lshep...@facebook.com> wrote: > > On Jun 4, 2010, at 8:41 AM, Dick Hardt wrote: > > > There is more to the web than the social web Luke, and supporting > multiple AS has been a design goal of WRAP and OAuth 2.0 and is being > implemented. > > Whoa, I didn't say there wasn't. I agree that supporting multiple > authorization servers is a reasonable design goal and there are some people > who are making that work. > > I was just pointing that that a common case, today, is to have a single > authorization server for a given resource - I mentioned several examples of > services that work this way now. OAuth 2.0 needs to support that use case in > a clean way.
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth