IETF Logo Mail Archive

Re: [Gen-art] [OAUTH-WG] Gen-ART Telechat review of draft-ietf-oauth-v2-bearer-22.txt

Mike Jones <Michael.Jones@microsoft.com> Tue, 17 July 2012 16:09 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 267CC21F86B2; Tue, 17 Jul 2012 09:09:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.087
X-Spam-Level:
X-Spam-Status: No, score=-4.087 tagged_above=-999 required=5 tests=[AWL=-0.489, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2o5tMSEj2BqS; Tue, 17 Jul 2012 09:09:56 -0700 (PDT)
Received: from va3outboundpool.messaging.microsoft.com (va3ehsobe010.messaging.microsoft.com [216.32.180.30]) by ietfa.amsl.com (Postfix) with ESMTP id D4B9421F8501; Tue, 17 Jul 2012 09:09:55 -0700 (PDT)
Received: from mail36-va3-R.bigfish.com (10.7.14.237) by VA3EHSOBE007.bigfish.com (10.7.40.11) with Microsoft SMTP Server id 14.1.225.23; Tue, 17 Jul 2012 16:10:43 +0000
Received: from mail36-va3 (localhost [127.0.0.1]) by mail36-va3-R.bigfish.com (Postfix) with ESMTP id 3ED571C015E; Tue, 17 Jul 2012 16:10:43 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14HUBC101.redmond.corp.microsoft.com; RD:none; EFVD:NLI
X-SpamScore: -30
X-BigFish: VS-30(zzbb2dI98dI9371Ic85fh146fI1b0bM1432Izz1202hzz1033IL8275dhz2fh2a8h668h839hd25hf0ah107ah)
Received-SPF: pass (mail36-va3: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=Michael.Jones@microsoft.com; helo=TK5EX14HUBC101.redmond.corp.microsoft.com ; icrosoft.com ;
Received: from mail36-va3 (localhost.localdomain [127.0.0.1]) by mail36-va3 (MessageSwitch) id 1342541441393790_17963; Tue, 17 Jul 2012 16:10:41 +0000 (UTC)
Received: from VA3EHSMHS010.bigfish.com (unknown [10.7.14.237]) by mail36-va3.bigfish.com (Postfix) with ESMTP id 529AC10004C; Tue, 17 Jul 2012 16:10:41 +0000 (UTC)
Received: from TK5EX14HUBC101.redmond.corp.microsoft.com (131.107.125.8) by VA3EHSMHS010.bigfish.com (10.7.99.20) with Microsoft SMTP Server (TLS) id 14.1.225.23; Tue, 17 Jul 2012 16:10:39 +0000
Received: from TK5EX14MBXC285.redmond.corp.microsoft.com ([169.254.3.222]) by TK5EX14HUBC101.redmond.corp.microsoft.com ([157.54.7.153]) with mapi id 14.02.0309.003; Tue, 17 Jul 2012 16:10:27 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "draft-ietf-oauth-v2-bearer.all@tools.ietf.org" <draft-ietf-oauth-v2-bearer.all@tools.ietf.org>
Thread-Topic: [OAUTH-WG] Gen-ART Telechat review of draft-ietf-oauth-v2-bearer-22.txt
Thread-Index: AQHNZAv7bvGrH6BloUOOejSa/vxJ05ctUfyAgABTR3I=
Date: Tue, 17 Jul 2012 16:10:26 +0000
Message-ID: <4E1F6AAD24975D4BA5B1680429673943667370D7@TK5EX14MBXC285.redmond.corp.microsoft.com>
References: <4F2575CE.9040001@isode.com> <4E1F6AAD24975D4BA5B16804296739436638B7AD@TK5EX14MBXC284.redmond.corp.microsoft.com> <4F27C37C.1090008@isode.com> <4F843A22.4020908@isode.com> <4F843DA1.8080703@isode.com> <500546C5.6080102@isode.com>, <50054897.3070108@cs.tcd.ie>
In-Reply-To: <50054897.3070108@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B1680429673943667370D7TK5EX14MBXC285r_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
Cc: General Area Review Team <gen-art@ietf.org>, "oauth@ietf.org" <oauth@ietf.org>, The IESG <iesg@ietf.org>
Subject: Re: [Gen-art] [OAUTH-WG] Gen-ART Telechat review of draft-ietf-oauth-v2-bearer-22.txt
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Jul 2012 16:09:57 -0000

FYI, the b64 token definition is identical to the one in draft-ietf-httpbis-p7-auth-20.  If it works there, it should work for OAuth Bearer.

-- Mike

________________________________
From: Stephen Farrell
Sent: 7/17/2012 4:12 AM
To: draft-ietf-oauth-v2-bearer.all@tools.ietf.org
Cc: General Area Review Team; oauth@ietf.org; The IESG
Subject: Re: [OAUTH-WG] Gen-ART Telechat review of draft-ietf-oauth-v2-bearer-22.txt


Folks. Please don't develop any new revisions for these
documents right now. I know you can't officially post
'em anyway, but I don't want us to get tempted to roll
new versions handling unrelated comments. (Alexey's
comments are not unrelated.)

I'd like to handle any tweaks needed as RFC editor notes
if possible.

S

On 07/17/2012 12:04 PM, Alexey Melnikov wrote:
> I am still Ok with -22, but I have 1 new comment raised by introduction
> of the base64 ABNF non terminal:
>
> I think it would be worth adding a comment for b64token that points to
> the base64 RFC. The current ABNF is too permissive (arbitrary number of
> "=" allowed at the end) and there are enough broken base64 parsers
> around (parsers that ignore everything after a "=", parsers that support
> arbitrary number of "=" at the end, etc.), so we shouldn't encourage
> creation of new ones.
>

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

v2.23.0 | Report a Bug | By Email