+ 1 Phil
@independentid www.independentid.com [email protected] On 2011-06-15, at 1:39 PM, Brian Eaton wrote: > Yeah, I agree with that change. > > On Wed, Jun 15, 2011 at 1:24 PM, William J. Mills <[email protected]> > wrote: > I like your draft in general, but > > 10.1.3. Access Tokens > > Access tokens are shorter-lived versions of refresh tokens. > > Doesn't work for me. Access tokens are credentials used to access protected > resources. Refresh > > tokens are credentials used to obtain access tokens. > > -bill > > From: Brian Eaton <[email protected]> > To: Eran Hammer-Lahav <[email protected]> > Cc: OAuth WG <[email protected]> > Sent: Wednesday, June 15, 2011 11:32 AM > > Subject: Re: [OAUTH-WG] Refresh tokens > > On Wed, Jun 15, 2011 at 10:30 AM, Eran Hammer-Lahav <[email protected]> > wrote: > I would like to add a quick discussion of access token and refresh token > recommended deployment setup, providing clear guidelines when a refresh token > SHOULD and SHOULD NOT be issued, and when issues, how it is difference from > the access token. > > Is this a start? > > http://www.ietf.org/mail-archive/web/oauth/current/msg06362.html > > It’s time we stop trying to accommodate every possible combination and make > some hard choices. > > +1. Yes please. > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth > > > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
