OAuth Core draft -28 has been published. Changes were:
- Updated the ABNF in the manner discussed by the working group, allowing
usernameandpasswordto be Unicode and restrictingclient_idandclient_secretto ASCII. - Specifies the use of the application/x-www-form-urlencoded content-type encoding method to encode the
client_idwhen used as the password for HTTP Basic.
OAuth Bearer draft -21 has also been published. Changes were:
- Changed “NOT RECOMMENDED” to “not recommended” in caveat about the URI Query Parameter method.
- Changed “other specifications may extend this specification for use with other transport protocols” to “other specifications may extend this specification for use with other protocols”.
- Changed Acknowledgements to use only ASCII characters, per the RFC style guide.
The drafts are available at:
- http://tools.ietf.org/html/draft-ietf-oauth-v2-28
- http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-21
HTML-formatted versions are available at:
- https://self-issued.info/docs/draft-ietf-oauth-v2-28.html
- https://self-issued.info/docs/draft-ietf-oauth-v2-bearer-21.html
Thanks to Eran Hammer for approving the Core draft posting.
Leave a Reply
You must be logged in to post a comment.