I have just submit an I-D. http://datatracker.ietf.org/doc/draft-sakimura-oauth-requrl/
It has extra things like Signing and Encrypting of the Request payload for some use-case stated in the introduction, but the core is the "request_url". (The draft actually is largely copy and paste of OpenID Artifact Binding, which is based on OAuth2.0). =nat On Sat, Jun 12, 2010 at 6:57 AM, Eran Hammer-Lahav <[email protected]> wrote: > I’d still like to see this proposed as a new I-D. It can be very short. I > will have the extensibility guidelines in the next draft or two, but you can > start by just declaring a new parameter for the relevant endpoints. > > EHL > > > On 6/7/10 7:53 PM, "Nat Sakimura" <[email protected]> wrote: > > I fully agree on it. > > Instead of doing as a flow, defining request_url as one of the core variable > would be better. > The question then is, whether this community accepts the idea. > > On Mon, Jun 7, 2010 at 10:51 PM, Manger, James H > <[email protected]> wrote: > > Nat, > >> On the other hand, you are starting to think of it as a generic "include" >> mechanism, are you? > > Yes. That feels like the simplest mental model for this functionality, and > the simplest way to specify it. > > -- > James Manger > > > -- Nat Sakimura (=nat) http://www.sakimura.org/en/ http://twitter.com/_nat_en _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
