Yes, this change is tracked in the issue tracker as issue #27: Incorporate
bearer "scope" character restrictions into the base spec.
-- Mike
-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of
Julian Reschke
Sent: Friday, October 28, 2011 2:04 AM
To: Eran Hammer-Lahav
Cc: OAuth WG
Subject: Re: [OAUTH-WG] draft-ietf-oauth-v2-bearer-09: Open Issues & Proposed
Resolutions
On 2011-10-17 20:53, Eran Hammer-Lahav wrote:
> All I agree with is to limit the scope character-set in the v2 spec to the
> subset of ASCII allowed in HTTP header quoted-string, excluding " and \ so no
> escaping is needed, ever.
> ...
I noticed that this hasn't been done yet, but the bearer spec, for which
publication was just requested, kind of assumes it *will* be done.
Are mechanisms in place to ensure that this change indeed happens?
Best regards, Julian
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
