MAY support. We RECOMMEND support on basis of OAuth [OAUTH] and OAuth WRAP [Tom09], but implementers should take in account security advisories published on oauth.net web site. OAuth WRAP is still immature as of this writing (Nov. 2009) and can not be recommended for production use.
We have not validated whether it is possible to implement TAS3 architecture using RESTful approach.
RESTful enablement is nice to have, but should not compromise elegance of the SOAP solution and may be less capable (i.e. it is enough that the RESTful approach solves front channel use cases). RESTful approach may support more economical token formats such as Simple Web Token (SWT) [Hardt09].
TAS3 project plans to address RESTful binding in future work during 2010.