OpenID/Oauth hybrid [was Re: specs Digest, Vol 27, Issue 3]

Dirk Balfanz balfanz at google.com
Tue Nov 25 00:06:08 UTC 2008


BTW, I reorganized the SVN layout on the server a little bit. The old URL
now points to an old version of the draft. The latest version will from now
on always be here:
http://step2.googlecode.com/svn/spec/openid_oauth_extension/latest/openid_oauth_extension.html
Dirk.

On Fri, Nov 21, 2008 at 4:11 PM, Allen Tom <atom at yahoo-inc.com> wrote:

> A couple minor edits are needed to Section 12: Security Considerations.
>
> I assume that the response_token in Section 12 is the same as the
> request_token in Section 9. The terminology needs to be consistent.
>
> "Is" shoudl be changed to "are" in the phrase "The following security
> principles is reflected in this design"
>
> Otherwise, the spec is looking pretty good!
>
> Allen
>
>
> Dirk Balfanz wrote:
>
>>
>> Ok, new version is up. I took out the sentence that recommended to send a
>> cancel. I also added a section on discovery (just copied whatever the AX
>> extension says about that).
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20081124/74e9ac6a/attachment-0002.htm>


More information about the specs mailing list