IETF Logo Mail Archive

Re: [OAUTH-WG] A question of 1.3.1. Authorization Code in rfc6749 The OAuth 2.0 Authorization Framework

Peng Zhou <zpbrent@gmail.com> Wed, 09 January 2013 06:39 UTC

Return-Path: <zpbrent@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E36C021F87AB for <oauth@ietfa.amsl.com>; Tue, 8 Jan 2013 22:39:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gu9YSAdijOP4 for <oauth@ietfa.amsl.com>; Tue, 8 Jan 2013 22:39:38 -0800 (PST)
Received: from mail-qa0-f52.google.com (mail-qa0-f52.google.com [209.85.216.52]) by ietfa.amsl.com (Postfix) with ESMTP id 690D121F843C for <oauth@ietf.org>; Tue, 8 Jan 2013 22:39:38 -0800 (PST)
Received: by mail-qa0-f52.google.com with SMTP id d13so429329qak.18 for <oauth@ietf.org>; Tue, 08 Jan 2013 22:39:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=M/iFyvqfd5i4pJGUwEN1sax3ilAFutW8N04J0N0BsfQ=; b=OL+a8CBLVElWglYu0eD3xJ79YXA9wD/hr315XIedR8epuW18GdORmE3w3FfPcchB78 6fcOziGwuP0/KWqQIbx6MHa0XR0bzx9nnxfAoiIxTJgU3u7xJJMMeCUmodj7Evh47/D6 u4Epi3IoIqs1i1ufAACkgMKbf1oWuAczInUhvQjvr2aIYfCgc9277Pah5yn9Ya/jHjeo 12nIrTvI9MGviHpf4yAV2furxgztNsm6ExFIb0ESCILUm8ANFQcwsvy7c+cX7Co0ojx1 HjxdQ/oTCpE/joF9baXw5U5TEeQEm4cujoKBtJJ3J0dEOhFIE2UT8qIJOq1ojla6cRad ZdUA==
Received: by 10.224.71.20 with SMTP id f20mr45469041qaj.71.1357713577849; Tue, 08 Jan 2013 22:39:37 -0800 (PST)
MIME-Version: 1.0
Received: by 10.49.62.34 with HTTP; Tue, 8 Jan 2013 22:39:17 -0800 (PST)
In-Reply-To: <CAJV9qO80r93oOk-EjVukF0AUbc5-FWu8VhpVi+9WZBGzSjMrPA@mail.gmail.com>
References: <190fcb42a851f2dfe73b2614b7880046@comp.polyu.edu.hk> <CAJV9qO80r93oOk-EjVukF0AUbc5-FWu8VhpVi+9WZBGzSjMrPA@mail.gmail.com>
From: Peng Zhou <zpbrent@gmail.com>
Date: Wed, 09 Jan 2013 14:39:17 +0800
Message-ID: <CABFKGsdJtR3rX+=Puto2D40F9m4kT+rvR6EyU6mx3aEkxG5VNw@mail.gmail.com>
To: Prabath Siriwardena <prabath@wso2.com>
Content-Type: text/plain; charset="ISO-8859-1"
X-Mailman-Approved-At: Wed, 09 Jan 2013 09:04:07 -0800
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] A question of 1.3.1. Authorization Code in rfc6749 The OAuth 2.0 Authorization Framework
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Jan 2013 06:44:08 -0000

Dear Prabath:

Thank you very much for your responses :-)

However, I am still not quite sure why the authorization code must be
sent to the client through the RO's user-agent?

Best Regards
Brent

2013/1/9 Prabath Siriwardena <prabath@wso2.com>:
> Prabath

v2.23.0 | Report a Bug | By Email