Re: [OAUTH-WG] feedback on 4/17 draft
Dick Hardt <dick.hardt@gmail.com> Tue, 20 April 2010 04:06 UTC
Return-Path: <dick.hardt@gmail.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4E1583A6968 for <oauth@core3.amsl.com>; Mon, 19 Apr 2010 21:06:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WcIgKH4R2me3 for <oauth@core3.amsl.com>; Mon, 19 Apr 2010 21:06:50 -0700 (PDT)
Received: from mail-px0-f172.google.com (mail-px0-f172.google.com [209.85.212.172]) by core3.amsl.com (Postfix) with ESMTP id 2C6AF3A67A1 for <oauth@ietf.org>; Mon, 19 Apr 2010 21:06:47 -0700 (PDT)
Received: by pxi19 with SMTP id 19so152190pxi.31 for <oauth@ietf.org>; Mon, 19 Apr 2010 21:06:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:received:message-id:subject:from:to:cc:content-type; bh=DCO8p3KDRvybF6K4+ABkUTxR1GrCQbJ2QJNJwBVWybQ=; b=vUoJVUokh2vBC36cP3PEVVilHIIG4+4FHsfUWXh+dIDJWoy6BC5PBK+Djx41L+4eNc nMVOuZphOvxKZfcUZXSfyDJXjlUPuRabqjR+DvapHh4t6whVSmPokipqWHFunUmqUR+X hOny84xOi57oVnzT6q/xDbVf6+zaw45WBZqso=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=YM5m2hJ6N9DZEvbFmQExFf21BrIT/9jGDvHFI84fg8h22Ow/xPdFZsnJwFx4S5hq0d LX2reRM9VmMw98cd6N0L28yLyz+s6zpjwsIg9Gbb0NqpihZkMidX6yezHVWbdBHWGc2B XgyXw2AThnxBR6or8lTTt8tjAhsFNDXzSVOvA=
MIME-Version: 1.0
Received: by 10.142.58.3 with HTTP; Mon, 19 Apr 2010 21:06:34 -0700 (PDT)
In-Reply-To: <u2o74caaad21004192003rfe0b25ffpbbe648e6e493b568@mail.gmail.com>
References: <u2o74caaad21004192003rfe0b25ffpbbe648e6e493b568@mail.gmail.com>
Date: Mon, 19 Apr 2010 21:06:34 -0700
Received: by 10.142.75.17 with SMTP id x17mr2569992wfa.46.1271736394610; Mon, 19 Apr 2010 21:06:34 -0700 (PDT)
Message-ID: <h2x987bab591004192106pc573babak8d7c6e810dd7c970@mail.gmail.com>
From: Dick Hardt <dick.hardt@gmail.com>
To: Marius Scurtescu <mscurtescu@google.com>
Content-Type: multipart/alternative; boundary="001636e1fb600cced70484a334c5"
Cc: OAuth WG <oauth@ietf.org>
Subject: Re: [OAUTH-WG] feedback on 4/17 draft
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Apr 2010 04:06:53 -0000
On Mon, Apr 19, 2010 at 8:03 PM, Marius Scurtescu <mscurtescu@google.com>wrote: > Hi Eran, > > The spec looks really good, thanks for all the work you put into it. > > I think it was a good idea to remove the 401 responses and use only 400. > > In WRAP we had used 401s when the client credentials were invalid and 400 when the parameters were invalid in an attempt to stick with HTTP error codes. I agree that is is better to consistently return 400 and an optional error parameter that provides more clarity to the developer on what caused the error. -- Dick
- [OAUTH-WG] feedback on 4/17 draft Marius Scurtescu
- Re: [OAUTH-WG] feedback on 4/17 draft Dick Hardt
- Re: [OAUTH-WG] feedback on 4/17 draft Eran Hammer-Lahav
- Re: [OAUTH-WG] feedback on 4/17 draft Marius Scurtescu
- Re: [OAUTH-WG] feedback on 4/17 draft Eran Hammer-Lahav
- Re: [OAUTH-WG] feedback on 4/17 draft Marius Scurtescu
- Re: [OAUTH-WG] feedback on 4/17 draft Eran Hammer-Lahav