We're starting to make enough invasive changes that reading it through more comprehensively is a good idea, but here are the difference sets to pay close attention to:

Domenico has done some nice flowchart-y graphics around the notion of "authorization process", "authorization interface", and the new token landscape we can look at together tomorrow.

Let's see if we can get quorum, cement decisions around this direction, and settle on set math decisions (what flexibility does the RS have? what are the parameters within which the client works? how does this all work when it's possible to register multiple resource sets when getting a permission ticket?) tomorrow.