2018-10-02 UTC
# Loqi aaronpk: sknebel left you a message 6 hours, 2 minutes ago: re that oauth draft, details on how *exactly* one is supposed to verify the signature seems missing. I guess without it there is a small loss (no registered callback url, but at least same domain could still be enforced/warned about)