- From: Eran Hammer-Lahav <eran@hueniverse.com>
- Date: Mon, 9 Mar 2009 22:44:24 -0700
- To: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
- CC: "oauth@ietf.org" <oauth@ietf.org>
Can someone please review the OAuth spec [1], in particular section 3.3.1.3, to help determine if the way OAuth signs requests is compatible with HTTP proxies? OAuth signs the request URI based on either the content of the Host header or the actual hostname and port used to make the request. It was written with total disregard to proxies and caches. I am trying to find out if it breaks or breaks something else. EHL [1] http://tools.ietf.org/html/draft-hammer-oauth-01
Received on Tuesday, 10 March 2009 05:45:05 UTC