IETF Logo Mail Archive

Re: [OAUTH-WG] 'Scope' parameter proposal

Eran Hammer-Lahav <eran@hueniverse.com> Mon, 19 April 2010 18:15 UTC

Return-Path: <eran@hueniverse.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C036A3A6A0D for <oauth@core3.amsl.com>; Mon, 19 Apr 2010 11:15:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.467
X-Spam-Level:
X-Spam-Status: No, score=-2.467 tagged_above=-999 required=5 tests=[AWL=0.132, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pPtgUPhnrmwk for <oauth@core3.amsl.com>; Mon, 19 Apr 2010 11:15:12 -0700 (PDT)
Received: from p3plex1out02.prod.phx3.secureserver.net (p3plex1out02.prod.phx3.secureserver.net [72.167.180.18]) by core3.amsl.com (Postfix) with SMTP id 058A63A692A for <oauth@ietf.org>; Mon, 19 Apr 2010 11:14:39 -0700 (PDT)
Received: (qmail 7637 invoked from network); 19 Apr 2010 18:14:31 -0000
Received: from unknown (HELO smtp.ex1.secureserver.net) (72.167.180.19) by p3plex1out02.prod.phx3.secureserver.net with SMTP; 19 Apr 2010 18:14:31 -0000
Received: from P3PW5EX1MB01.EX1.SECURESERVER.NET ([10.6.135.20]) by P3PW5EX1HT001.EX1.SECURESERVER.NET ([72.167.180.19]) with mapi; Mon, 19 Apr 2010 11:14:29 -0700
From: Eran Hammer-Lahav <eran@hueniverse.com>
To: Marius Scurtescu <mscurtescu@google.com>
Date: Mon, 19 Apr 2010 11:14:33 -0700
Thread-Topic: [OAUTH-WG] 'Scope' parameter proposal
Thread-Index: Acrf6q3ADNWNgVwCQsqW0aYYqdCG2wAAS9kQ
Message-ID: <90C41DD21FB7C64BB94121FBBC2E723438E5C7F17F@P3PW5EX1MB01.EX1.SECURESERVER.NET>
References: <C7F1D1FC.32809%eran@hueniverse.com> <j2q74caaad21004191103l488ae334j78d5546479f66cb8@mail.gmail.com>
In-Reply-To: <j2q74caaad21004191103l488ae334j78d5546479f66cb8@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: OAuth WG <oauth@ietf.org>
Subject: Re: [OAUTH-WG] 'Scope' parameter proposal
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Apr 2010 18:15:15 -0000

> -----Original Message-----
> From: Marius Scurtescu [mailto:mscurtescu@google.com]
> Sent: Monday, April 19, 2010 11:04 AM
> To: Eran Hammer-Lahav
> Cc: OAuth WG
> Subject: Re: [OAUTH-WG] 'Scope' parameter proposal
> 
> On Mon, Apr 19, 2010 at 9:25 AM, Eran Hammer-Lahav
> <eran@hueniverse.com> wrote:
> > Proposal:
> >
> > 'scope' is defined as a comma-separated list of resource URIs or
> > resource groups (e.g. contacts, photos).
> 
> How will commas in URIs be escaped? We just forbid them?
> 
> If the scope elements are URIs then a space separated list is much safer, URIs
> cannot contain spaces.

Yep. I noted that in my proposal.

> But, I still don't see the point on trying to define the scope structure.

The same point in defining any other parameter - interop. I still haven't heard an argument for not defining it. By definition everything we add to the spec is meant to increase interop and should be well specified. If you want to leave someone under specified, the burden is on your to argue why, not on me to argue for it.

EHL

v2.23.0 | Report a Bug | By Email