mkovatsc
commented
6 years ago This should be part of the scheme, as security suite versions are usually pretty stable and comprehensive (e.g., OAuth 2.0, TLS 1.2, ...).
Closed mmccool closed 6 years ago
mkovatsc
commented
6 years ago This should be part of the scheme, as security suite versions are usually pretty stable and comprehensive (e.g., OAuth 2.0, TLS 1.2, ...).
mmccool
commented
6 years ago Baking versions into the scheme name (if needed) seems to be the consensus. I propose we close this issue with that conclusion if there is no other feedback in the next couple of weeks.
mmccool
commented
6 years ago CONCLUSION: Bake version numbers into the scheme name (if necessary). Do not provide a separate versioning mechanism.
Some security schemes may have more than one version and we may want to restrict use to a certain version, or to some version or later. Do we need to support version restrictions, and if so, how?