[Openid-specs-ab] Review Comments on Multiple Response Types
torsten at lodderstedt.net
Thu Nov 7 01:49:00 UTC 2013
here are my review comments on Multiple Response Types.
"For purposes of this specification, the default Response Mode for the
OAuth 2.0 code response_type is the query encoding. For purposes of this
specification, the default Response Mode for the OAuth 2.0 token
response_type is the fragment encoding." - I would suggest to format
code, token, query and fragment as key words (instead of response_type),
this will aid the reader to map the corresponding concepts.
4. None Response Type
What is this response type used for?
Example: I think it would make sense to show fragment encoding of a
hybrid response type including “code”, e.g. "code id_token" in order to
show the expected default encoding behavior if any fragment encoded
artifact is present (as described in this section).
More information about the Openid-specs-ab