OpenID/Oauth hybrid [was Re: specs Digest, Vol 27, Issue 3]

Allen Tom atom at yahoo-inc.com
Sat Nov 22 00:11:31 UTC 2008


A couple minor edits are needed to Section 12: Security Considerations.

I assume that the response_token in Section 12 is the same as the 
request_token in Section 9. The terminology needs to be consistent.

"Is" shoudl be changed to "are" in the phrase "The following security 
principles is reflected in this design"

Otherwise, the spec is looking pretty good!

Allen

Dirk Balfanz wrote:
>
> Ok, new version is up. I took out the sentence that recommended to 
> send a cancel. I also added a section on discovery (just copied 
> whatever the AX extension says about that).



More information about the specs mailing list