I would like to drop all the request URI parameters normalization logic and just use the raw request URI instead. A year ago during the discussion on my Token authentication scheme (which had that behavior specified), some people raised the issue that access to the raw request URI isn't always possible on the client or server. This feels like a limitation that is no longer a real problem for any modern web development environment.
If you know of actual deployment issues with using the raw request URI instead of the parameter parsing and sorting voodoo, please let me know. Otherwise, the next draft will drop that entire section. EHL
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
