2022-10-18 UTC
# Zegnat It seems like a relatively OK way to shortcut some security concerns for OAuth too, would be my guess? Kinda like how IndieAuth requires special HTTP headers if your redirect_uri is on a different domain than client_id. By using well-known, the same domain assumption is built in. (Does not mean I like it over discovery, especially when you have a flag for discovery in your spec, but ey)