On 10/07/2011 04:21 PM, Phillip Hallam-Baker wrote:
On Fri, Oct 7, 2011 at 4:54 AM, Stephen Farrell
<[email protected]>wrote:
Hi Phill,
Oauth [1] uses ""application/x-www-form-**urlencoded" format as defined by
[W3C.REC-html401-19991224]" all over the place to solve basically
this problem but in the context of HTTP URLs which has to be worse
than for a new URI scheme.
Why not do the same here?
S.
[1]
http://tools.ietf.org/html/**draft-ietf-oauth-v2-22#**section-4.1.1<http://tools.ietf.org/html/draft-ietf-oauth-v2-22#section-4.1.1>
That works for me. It is easy enough to do in scripting.
May even be possible to use the plain base64 in the ni form of the
identifier and form encode it when using it to form a URL (or whatever else
required in a protocol).
Actually, you're right - that's better. Just use b64 here and note
that protocols might have to urlencode. If it turns out to be a
problem we can fix later.
S.
_______________________________________________
websec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/websec
