I hadn't set out to make the introspection draft parallel to the
revocation draft, but I see no reason that these two items couldn't be
incorporated with the same language and semantics.
-- Justin
On 03/07/2013 10:23 AM, Todd W Lainhart wrote:
I forgot to include the "token_type_hint" parameter in the baseline
compare (i.e. revocation includes it as optional, introspection does not).
*
Todd Lainhart
Rational software
IBM Corporation
550 King Street, Littleton, MA 01460-1250**
1-978-899-4705
2-276-4705 (T/L)
[email protected]*
From: Todd W Lainhart/Lexington/IBM@IBMUS
To: "IETF oauth WG" <[email protected]>,
Date: 03/07/2013 10:17 AM
Subject: [OAUTH-WG] draft-richer-oauth-introspection-03
Sent by: [email protected]
------------------------------------------------------------------------
Hi Justin -
I'm comparing:
_
__http://tools.ietf.org/html/draft-richer-oauth-introspection-03_
...with:
_
__http://tools.ietf.org/html/draft-ietf-oauth-revocation-05_
for symmetry.
If that's appropriate, and if I use revocation as the baseline, I'm
wondering why introspection supports GET in addition to POST, and
doesn't require TLS (i.e. revocation only supports POST, and requires
TLS).
*
Todd Lainhart
Rational software
IBM Corporation
550 King Street, Littleton, MA 01460-1250**
1-978-899-4705
2-276-4705 (T/L)
[email protected]*
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
