Yeah, I agree with that change. On Wed, Jun 15, 2011 at 1:24 PM, William J. Mills <[email protected]>wrote:
> I like your draft in general, but > > > 10.1.3. Access Tokens > > Access tokens are shorter-lived versions of refresh tokens. > > Doesn't work for me. Access tokens are credentials used to access protected > resources. Refresh > tokens are credentials used to obtain access tokens. > > -bill > > > ------------------------------ > *From:* Brian Eaton <[email protected]> > *To:* Eran Hammer-Lahav <[email protected]> > *Cc:* OAuth WG <[email protected]> > *Sent:* Wednesday, June 15, 2011 11:32 AM > > *Subject:* Re: [OAUTH-WG] Refresh tokens > > On Wed, Jun 15, 2011 at 10:30 AM, Eran Hammer-Lahav > <[email protected]>wrote: > > I would like to add a quick discussion of access token and refresh token > recommended deployment setup, providing clear guidelines when a refresh > token SHOULD and SHOULD NOT be issued, and when issues, how it is difference > from the access token. > > > Is this a start? > > http://www.ietf.org/mail-archive/web/oauth/current/msg06362.html > > > ** > It’s time we stop trying to accommodate every possible combination and make > some hard choices.**** > ** > > > +1. Yes please. > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth > > >
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
