Re: [OAUTH-WG] [Gen-art] Gen-ART Telechat review of draft-ietf-oauth-v2-bearer-22.txt
Mike Jones <Michael.Jones@microsoft.com> Tue, 17 July 2012 17:15 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 143B011E8091; Tue, 17 Jul 2012 10:15:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.786
X-Spam-Level:
X-Spam-Status: No, score=-3.786 tagged_above=-999 required=5 tests=[AWL=-0.187, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fqm6jJkIzdmQ; Tue, 17 Jul 2012 10:15:25 -0700 (PDT)
Received: from va3outboundpool.messaging.microsoft.com (va3ehsobe001.messaging.microsoft.com [216.32.180.11]) by ietfa.amsl.com (Postfix) with ESMTP id 146D511E808E; Tue, 17 Jul 2012 10:15:24 -0700 (PDT)
Received: from mail1-va3-R.bigfish.com (10.7.14.252) by VA3EHSOBE002.bigfish.com (10.7.40.22) with Microsoft SMTP Server id 14.1.225.23; Tue, 17 Jul 2012 17:16:12 +0000
Received: from mail1-va3 (localhost [127.0.0.1]) by mail1-va3-R.bigfish.com (Postfix) with ESMTP id CB57F18010A; Tue, 17 Jul 2012 17:16:11 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14HUBC107.redmond.corp.microsoft.com; RD:none; EFVD:NLI
X-SpamScore: -35
X-BigFish: VS-35(zzbb2dI98dI9371I936eI1b0bM542M1432Izz1202hzz1033ILz2fh2a8h668h839h944hd25hf0ah107ah)
Received-SPF: pass (mail1-va3: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=Michael.Jones@microsoft.com; helo=TK5EX14HUBC107.redmond.corp.microsoft.com ; icrosoft.com ;
Received: from mail1-va3 (localhost.localdomain [127.0.0.1]) by mail1-va3 (MessageSwitch) id 1342545369416345_11995; Tue, 17 Jul 2012 17:16:09 +0000 (UTC)
Received: from VA3EHSMHS010.bigfish.com (unknown [10.7.14.247]) by mail1-va3.bigfish.com (Postfix) with ESMTP id 57BC8200047; Tue, 17 Jul 2012 17:16:09 +0000 (UTC)
Received: from TK5EX14HUBC107.redmond.corp.microsoft.com (131.107.125.8) by VA3EHSMHS010.bigfish.com (10.7.99.20) with Microsoft SMTP Server (TLS) id 14.1.225.23; Tue, 17 Jul 2012 17:16:06 +0000
Received: from TK5EX14MBXC285.redmond.corp.microsoft.com ([169.254.3.222]) by TK5EX14HUBC107.redmond.corp.microsoft.com ([157.54.80.67]) with mapi id 14.02.0309.003; Tue, 17 Jul 2012 17:16:00 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Alexey Melnikov <alexey.melnikov@isode.com>, Julian Reschke <julian.reschke@gmx.de>
Thread-Topic: [Gen-art] [OAUTH-WG] Gen-ART Telechat review of draft-ietf-oauth-v2-bearer-22.txt
Thread-Index: AQHNZD3vCk3C3nvT8kKfnQJiKzoYkJcttNUg
Date: Tue, 17 Jul 2012 17:15:59 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739436673743F@TK5EX14MBXC285.redmond.corp.microsoft.com>
References: <4F2575CE.9040001@isode.com> <4E1F6AAD24975D4BA5B16804296739436638B7AD@TK5EX14MBXC284.redmond.corp.microsoft.com> <4F27C37C.1090008@isode.com> <4F843A22.4020908@isode.com> <4F843DA1.8080703@isode.com> <500546C5.6080102@isode.com>, <50054897.3070108@cs.tcd.ie> <4E1F6AAD24975D4BA5B1680429673943667370D7@TK5EX14MBXC285.redmond.corp.microsoft.com> <50059598.3030304@gmx.de> <50059A95.7050904@isode.com>
In-Reply-To: <50059A95.7050904@isode.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.76]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
Cc: General Area Review Team <gen-art@ietf.org>, The IESG <iesg@ietf.org>, "draft-ietf-oauth-v2-bearer.all@tools.ietf.org" <draft-ietf-oauth-v2-bearer.all@tools.ietf.org>, "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] [Gen-art] Gen-ART Telechat review of draft-ietf-oauth-v2-bearer-22.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Jul 2012 17:15:26 -0000
For clarity of discussion, the definition in question is:
b64token = 1*( ALPHA / DIGIT /
"-" / "." / "_" / "~" / "+" / "/" ) *"="
Note that b64token is a liberal syntax intended to permit base64 encoded content (hence the inclusion of the "+" and "/" characters and the optional trailing "=" characters), base64url encoded content (hence the inclusion of the "-" and "_" characters) and other URL-safe productions (hence the inclusion of the "." and "~" characters).
Its use is definitely not intended to be restricted to base64 encoded content, per RFC 4648. If it were so restricted (by not allowing ".", for instance), this would exclude the use of JWTs as bearer tokens, for instance, which is something we *definitely* want to allow.
As a result, I don't think adding a reference to RFC 4648 is either necessary or appropriate.
Julian may be able to provide more background.
Best wishes,
-- Mike
-----Original Message-----
From: Alexey Melnikov [mailto:alexey.melnikov@isode.com]
Sent: Tuesday, July 17, 2012 10:02 AM
To: Julian Reschke; Mike Jones
Cc: The IESG; General Area Review Team; oauth@ietf.org; draft-ietf-oauth-v2-bearer.all@tools.ietf.org; Stephen Farrell
Subject: Re: [Gen-art] [OAUTH-WG] Gen-ART Telechat review of draft-ietf-oauth-v2-bearer-22.txt
On 17/07/2012 17:40, Julian Reschke wrote:
> On 2012-07-17 18:10, Mike Jones wrote:
>> FYI, the b64 token definition is identical to the one in
>> draft-ietf-httpbis-p7-auth-20. If it works there, it should work for
>> OAuth Bearer.
>> ...
>
> +1; not every constraint needs to be expressed in the ABNF. "b64token"
> is here so recipients can parse the header field; it's up to the auth
> scheme to state what the addition constraints are; and that can happen
> in prose.
I didn't say that it has to be expressed in ABNF (although I obviously wouldn't mind). I would like an ABNF comment pointing to the document which defines base64.
- Re: [OAUTH-WG] Gen-ART review of draft-ietf-oauth… Mike Jones
- Re: [OAUTH-WG] Gen-ART review of draft-ietf-oauth… Alexey Melnikov
- Re: [OAUTH-WG] Gen-ART review of draft-ietf-oauth… Alexey Melnikov
- Re: [OAUTH-WG] Gen-ART review of draft-ietf-oauth… Stephen Farrell
- Re: [OAUTH-WG] [Gen-art] Gen-ART review of draft-… Alexey Melnikov
- [OAUTH-WG] Gen-ART Telechat review of draft-ietf-… Alexey Melnikov
- Re: [OAUTH-WG] Gen-ART Telechat review of draft-i… Justin Richer
- [OAUTH-WG] where do error codes go?, was: Gen-ART… Julian Reschke
- [OAUTH-WG] Gen-ART Telechat review of draft-ietf-… Alexey Melnikov
- Re: [OAUTH-WG] Gen-ART Telechat review of draft-i… Stephen Farrell
- Re: [OAUTH-WG] Gen-ART Telechat review of draft-i… Mike Jones
- Re: [OAUTH-WG] Gen-ART Telechat review of draft-i… Julian Reschke
- Re: [OAUTH-WG] [Gen-art] Gen-ART Telechat review … Alexey Melnikov
- Re: [OAUTH-WG] [Gen-art] Gen-ART Telechat review … Mike Jones
- Re: [OAUTH-WG] [Gen-art] Gen-ART Telechat review … Julian Reschke
- Re: [OAUTH-WG] [Gen-art] Gen-ART Telechat review … Mike Jones
- Re: [OAUTH-WG] [Gen-art] Gen-ART Telechat review … Julian Reschke
- Re: [OAUTH-WG] [Gen-art] Gen-ART Telechat review … Mike Jones
- Re: [OAUTH-WG] [Gen-art] Gen-ART Telechat review … Alexey Melnikov
- Re: [OAUTH-WG] [Gen-art] Gen-ART Telechat review … Julian Reschke
- Re: [OAUTH-WG] [Gen-art] Gen-ART Telechat review … Julian Reschke