Hopefully final versions of the OAuth Core and Bearer specs have been published. These versions correct an editorial issue with the security clarification made in Core -30 and remove David Recordon from the author lists, at his request.
The specifications are available at:
- http://tools.ietf.org/html/draft-ietf-oauth-v2-31
- http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-23
Changes in http://tools.ietf.org/html/draft-ietf-oauth-v2-31 are:
- Clarify that any client can send client_id but that sending it is only required when using the code flow if the client is not otherwise authenticated.
- Removed David Recordon’s name from the author list, at his request.
Changes in http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-23 are:
- Removed David Recordon’s name from the author list, at his request.
HTML-formatted versions are available at:
Leave a Reply
You must be logged in to post a comment.