Thanks, Terrell.I'll push out a new version here in a few minutes -- I cleaned up a few other matters after consulting the core OAuth spec.
Terrell Russell wrote:
I had noticed that as well - I think the from&to is a solid expectation. I second it. Terrell Peter Saint-Andre wrote:Also I'd like to swap the 'from' and 'to' addresses in the signature generation algorithm so that the "request URL" is the 'from' address of the XMPP stanza concatenated with the ampersand character "&" and the 'to' address of the XMPP stanza (i.e., NOT 'to'&'from') -- I think that's more natural (from then to, not to then from) and follows the order produced by XML canonicalization.Objections? /psa
smime.p7s
Description: S/MIME Cryptographic Signature
