Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-urn-sub-ns-03.txt

Barry Leiba <> Thu, 21 June 2012 19:28 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 44F1821F86DD for <>; Thu, 21 Jun 2012 12:28:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -102.934
X-Spam-Status: No, score=-102.934 tagged_above=-999 required=5 tests=[AWL=0.043, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 4So7QS9X1qe8 for <>; Thu, 21 Jun 2012 12:28:25 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 1E80221F86C3 for <>; Thu, 21 Jun 2012 12:28:24 -0700 (PDT)
Received: by lbbgo11 with SMTP id go11so2805340lbb.31 for <>; Thu, 21 Jun 2012 12:28:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=6kudO4jogEPZH7TDfxI/N20rKzLiPrlk+FxY3t6gooE=; b=BjbMI12aWAOwDtxLHaEWHJ1HK6Z8+eDx4N7H4pwqXKIdQsdzICj1iCkoIoaIDIvt8u 4U33ipT170bnG4Pp+G2A5SqQW71qPQmPe7yIPt4MSdj7/FdX3a7VoUNf6BZ9s7eD01V7 xygFJjpz3/ALKkYwAbixXGzfaAzjaOoVLDvRs5suCQ/fLn8+72FJM/q243P2Fy4sT7If gw/5Uv1d2Sq2FsS+utJ0Ubupy6HREMtvF950lenyGimVFLiwe7Fhuk5McKW7po/6Q6QT xypa0QvxP+UlQ3uUfGd2GDXlad8CK5UAQToIWEtl/I5iAPXB5BaMbWzWhx/4/VrWMeiC syIg==
MIME-Version: 1.0
Received: by with SMTP id r9mr274852lby.66.1340306904046; Thu, 21 Jun 2012 12:28:24 -0700 (PDT)
Received: by with HTTP; Thu, 21 Jun 2012 12:28:23 -0700 (PDT)
In-Reply-To: <>
References: <>
Date: Thu, 21 Jun 2012 15:28:23 -0400
X-Google-Sender-Auth: wx7TYHGVED09rZtx6f8jgRcJW9A
Message-ID: <>
From: Barry Leiba <>
To: OAuth WG <>
Content-Type: text/plain; charset="ISO-8859-1"
Subject: Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-urn-sub-ns-03.txt
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 21 Jun 2012 19:28:26 -0000

This one's mostly there.  As Mike and Hannes are discussing, the WG
needs to sort out exactly what goes under "oauth" here.

Here's a suggestion:
Have Section 3 specify that what comes after "oauth" are one or more
tokens, delimited by ":".
Have Section 3 create the registry for the first-level token, "class".
 In your example, that's "grant-type".
Have Section 3 specify that the definition of each "class" token
specifies what comes after it -- how many tokens, and the meaning(s).
Have Section 3 note that certain classes might create new
sub-registries for what goes under them, if necessary.
Have Section 3 note that certain classes might have *no* further
tokens under them.

I realize that there might not be any use cases envisioned right now
for that last one, but it might be a bad idea to forbid it.

Section 5:

   o  Repository: [[not sure about this? this document or]]

Yeh, I've never been sure about that either.  I think what you want
here is "[[The registry created in Section 3.]]".
See RFC 6134 for how I did this with the "sieve" namespace.