[Openid-specs-ab] Review of Multiple Response Type Encoding Practices

George Fletcher gffletch at aol.com
Thu Oct 31 20:24:00 UTC 2013

Section 1.2
   Client and Server --
            "the client requests an access restricted resource 
(Protected Resource) on the server"
           "the client requests access to a restricted resource 
(Protected Resource) on the server"

      Question: " by authenticating with the server using the Resource 
Owner's credentials."
             Are we trying to describe the pre-OAuth2 model? Or just 
that the client obtains authorization to access the Protected Resource 
often using the Resource Owner's credentials?

Section 2
   Should we explicitly spell out response_mode in the last sentence as 
in ... "if no Response Mode is specified using the 'response_mode' 
request parameter? Or is that overly redundant?

Section 2.1 : response_mode
   Second sentence: I find this a little confusing. Maybe... "The use of 
this parameter is NOT RECOMMENDED when the Response Mode value is the 
same as the default Response Mode value specified by the Response Type."

Section 2.2: second paragraph, first sentence
   "The all parameters" I think should be just "All parameters..."

Otherwise, looks good!


George Fletcher <http://connect.me/gffletch>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20131031/cbd43961/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: XeC
Type: image/png
Size: 80878 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20131031/cbd43961/attachment-0001.png>

More information about the Openid-specs-ab mailing list