#320: add advice on defining auth scheme parameters

(copied from new ticket, triggered from current discussion over in the 
oauth WG:)

When new schemes define new auth parameters, they of course need to 
stick to the base syntax.

In theory they *can* profile the allowable syntax, but doing so will not 
work well with consumers that use auth-scheme-agnostic parsers. It's 
thus best to define auth params based on what a parser would return 
*after* processing quoted-strings.

Received on Thursday, 27 October 2011 20:03:55 UTC