[OAUTH-WG] Clarification on whether arguments can contain empty values
Andrew Arnott <andrewarnott@gmail.com> Tue, 15 June 2010 13:55 UTC
Return-Path: <andrewarnott@gmail.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D97523A67D6 for <oauth@core3.amsl.com>; Tue, 15 Jun 2010 06:55:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.431
X-Spam-Level:
X-Spam-Status: No, score=-0.431 tagged_above=-999 required=5 tests=[AWL=-0.433, BAYES_50=0.001, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mid4Bt8wituM for <oauth@core3.amsl.com>; Tue, 15 Jun 2010 06:55:59 -0700 (PDT)
Received: from mail-gw0-f44.google.com (mail-gw0-f44.google.com [74.125.83.44]) by core3.amsl.com (Postfix) with ESMTP id D63A83A67D4 for <oauth@ietf.org>; Tue, 15 Jun 2010 06:55:58 -0700 (PDT)
Received: by gwj16 with SMTP id 16so3343906gwj.31 for <oauth@ietf.org>; Tue, 15 Jun 2010 06:56:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type; bh=CT7JCxR8kl2AqMaT7qUCcgFzbzmuLFRybIZLwW+RfE4=; b=BCnKMsy6iptOIwyekU0Qjrf/9Q554ofXY63fCQ/oFQMgu5m2RH/1egN+MAauudC3JH eeLkX/CUSuEGQfLA9ryALK+aIwvd/Y0J9C1mUay6OBlW7ROwxpZsgvcIhyMHXd2M8J26 a209YD+aVOWf0Y/WxL3eOri/8kciXLlhqWtQQ=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=ji7ADlZIsTepcFtQpDu5+WczwtB67bi9vKdmME+XYLNFjBl3+5EWi0w6AZ9lwHa6C9 I7WUm3lTXANCrdc8XYW2LWTCXAyv3hWNHbfiON0Z+9x1CLXHHncBAmrv3jysyWcQEDXU fq+cZuQhfwDOFXej5Xzdt6fAQeE6VtlxHxwng=
MIME-Version: 1.0
Received: by 10.150.94.6 with SMTP id r6mr8579153ybb.306.1276610159373; Tue, 15 Jun 2010 06:55:59 -0700 (PDT)
Received: by 10.151.26.19 with HTTP; Tue, 15 Jun 2010 06:55:58 -0700 (PDT)
Date: Tue, 15 Jun 2010 06:55:58 -0700
Message-ID: <AANLkTilaQF2ekUiICodnfDcaN67YACulK4xqoAGVFkox@mail.gmail.com>
From: Andrew Arnott <andrewarnott@gmail.com>
To: "OAuth WG (oauth@ietf.org)" <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="000e0cd6e7e611271c048911f724"
Subject: [OAUTH-WG] Clarification on whether arguments can contain empty values
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Jun 2010 13:55:59 -0000
Can we get some clarification into the spec as to whether optional parameters can be present but empty? Particularly parameters such as tokens that obviously cannot be meaningful when having an empty value. This was a muddy issue in the OpenID spec, where some implementations would include empty parameters rather than just omitting them, breaking other implementations that would expect that if the parameter is present it ought to have a meaningful value. My own vote: parameters must have valid values (non-empty) if they are present, unless they are opaque strings (like client state) that the remote party doesn't have to do anything but imitate back anyway. -- Andrew Arnott "I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
- [OAUTH-WG] Clarification on whether arguments can… Andrew Arnott
- Re: [OAUTH-WG] Clarification on whether arguments… Eran Hammer-Lahav
- Re: [OAUTH-WG] Clarification on whether arguments… Eran Hammer-Lahav
- Re: [OAUTH-WG] Clarification on whether arguments… Andrew Arnott