Hi All, I vote for #1 - the proposal is simple and straightforward.
However, as one of the authors of WRAP - I am rather fond of bearer tokens. Replacing OAuth 1.0 tokens with bearer tokens was one of the primary goals of WRAP, so #4 makes a lot of sense to me too. That being said, #1 is simple and straightforward, and has the advantage that choice #1 can move the process forward. Allen
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
