[OAUTH-WG] OAuth 2.0 Bearer Token Specification Draft -16

Mike Jones <Michael.Jones@microsoft.com> Mon, 30 January 2012 19:43 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 590E921F85D2; Mon, 30 Jan 2012 11:43:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.758
X-Spam-Status: No, score=-3.758 tagged_above=-999 required=5 tests=[AWL=-0.160, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id BWmf39VQ-fqb; Mon, 30 Jan 2012 11:43:13 -0800 (PST)
Received: from DB3EHSOBE001.bigfish.com (db3ehsobe002.messaging.microsoft.com []) by ietfa.amsl.com (Postfix) with ESMTP id CD9BA21F850D; Mon, 30 Jan 2012 11:43:12 -0800 (PST)
Received: from mail99-db3-R.bigfish.com ( by DB3EHSOBE001.bigfish.com ( with Microsoft SMTP Server id; Mon, 30 Jan 2012 19:43:11 +0000
Received: from mail99-db3 (localhost []) by mail99-db3-R.bigfish.com (Postfix) with ESMTP id 1877E1A02E7; Mon, 30 Jan 2012 19:43:11 +0000 (UTC)
X-SpamScore: -19
X-BigFish: VS-19(zzc85fhzz1202hzz1033IL8275eh8275bh8275dha1495iz2fhc1bhc31hc1ahc1bhc31hc1ah2a8h668h839h)
X-Forefront-Antispam-Report: CIP:; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14HUBC105.redmond.corp.microsoft.com; RD:none; EFVD:NLI
Received-SPF: pass (mail99-db3: domain of microsoft.com designates as permitted sender) client-ip=; envelope-from=Michael.Jones@microsoft.com; helo=TK5EX14HUBC105.redmond.corp.microsoft.com ; icrosoft.com ;
Received: from mail99-db3 (localhost.localdomain []) by mail99-db3 (MessageSwitch) id 1327952588724882_26700; Mon, 30 Jan 2012 19:43:08 +0000 (UTC)
Received: from DB3EHSMHS002.bigfish.com (unknown []) by mail99-db3.bigfish.com (Postfix) with ESMTP id A9DB81C0278; Mon, 30 Jan 2012 19:43:08 +0000 (UTC)
Received: from TK5EX14HUBC105.redmond.corp.microsoft.com ( by DB3EHSMHS002.bigfish.com ( with Microsoft SMTP Server (TLS) id; Mon, 30 Jan 2012 19:43:07 +0000
Received: from TK5EX14MBXC284.redmond.corp.microsoft.com ([]) by TK5EX14HUBC105.redmond.corp.microsoft.com ([]) with mapi id 14.02.0247.005; Mon, 30 Jan 2012 11:42:34 -0800
From: Mike Jones <Michael.Jones@microsoft.com>
To: "oauth@ietf.org" <oauth@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>
Thread-Topic: OAuth 2.0 Bearer Token Specification Draft -16
Thread-Index: Aczfh0f3Dd/+wXTgQaiZVcyGxsaUGw==
Date: Mon, 30 Jan 2012 19:42:33 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739436638D04A@TK5EX14MBXC284.redmond.corp.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B16804296739436638D04ATK5EX14MBXC284r_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
Subject: [OAUTH-WG] OAuth 2.0 Bearer Token Specification Draft -16
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Jan 2012 19:43:14 -0000

Draft 16 of the OAuth 2.0 Bearer Token Specification<http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer> has been published.  This version contains a proposed resolution to the auth-param syntax issue that has been reviewed by Julian Reschke, Mark Nottingham, and the OAuth WG chairs.  It also addresses the Gen-ART review comments by Alexey Melnikov.

It contains the following changes:

  *   Use the HTTPbis auth-param syntax for Bearer challenge attributes.
  *   Dropped the sentence "The realm value is intended for programmatic use and is not meant to be displayed to end users".
  *   Reordered form-encoded body parameter description bullets for better readability.
  *   Added [USASCII] reference.

The draft is available at:

*         http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-16
A HTML-formatted version is available at:

*         http://self-issued.info/docs/draft-ietf-oauth-v2-bearer-16.html

                                                            -- Mike