Re: [OAUTH-WG] PAR - Guidance on the request URI structure needed?
Filip Skokan <panva.ip@gmail.com> Mon, 27 April 2020 08:42 UTC
Return-Path: <panva.ip@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9F09C3A126C for <oauth@ietfa.amsl.com>; Mon, 27 Apr 2020 01:42:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pIEh7jrpxITF for <oauth@ietfa.amsl.com>; Mon, 27 Apr 2020 01:42:21 -0700 (PDT)
Received: from mail-yb1-xb2c.google.com (mail-yb1-xb2c.google.com [IPv6:2607:f8b0:4864:20::b2c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 387E73A1060 for <oauth@ietf.org>; Mon, 27 Apr 2020 01:42:21 -0700 (PDT)
Received: by mail-yb1-xb2c.google.com with SMTP id o198so9042192ybg.10 for <oauth@ietf.org>; Mon, 27 Apr 2020 01:42:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=+7y+yWXJTIn/BcrFjSd78aXcXPFRhP/QalHO+Ybu05g=; b=fByJVRZ5Mt1QDOIt1E8gZfbE12NTkwM5CrpBX/7wi1yAY6kQxKKOcFIiGGI/3r1s5E JJ1Zo7TYifqbdovptsmZf0XLxWfUOcrSEzqaAZo+WdnJb0/jZacMXA2vr1OR8UafEJ4C Rup7M4VYzhVWgbDJkCwUZunNHB8MWMhsSwsvOGqWogaRHD36GsKT9sovHUIxcYc9kqQU LFRazl0ULGyQRWMZrToI7D6cfAzVImXOaGpaGuJNwYbUtGjfK73JOdZnoUWlKSYSOIKa ntxZrCBGmJiqpQjpCRnK/JkDOVIDs5NqASlLx26Hc0iQLOj2rjubgkpbGEtnBQ25Jtys XyUA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=+7y+yWXJTIn/BcrFjSd78aXcXPFRhP/QalHO+Ybu05g=; b=gerHgo1Hidt6EOBQODlCf66OO9FTQUUCAt1Ff8OzeIF6Q6RRwWJRXWnb/zuZrYdZi2 26oV1rVjwoh/MBNmJMvSdBecxSlxwo4c4V3znBMd94K3BezYEHoeSu86zdFTQF4FNZYM JKFl07g2LcB2t/H1ESraikeNRJXg8hLAv9k1HffT0Wwzs7sKTDQjZo/xydANfwnTSyHj c1StDWxF/+hOrBecC7/wMm2yLM7Aw8/rS81b5frnDbPTV1H7Z/Kq9rLlfZJ3G82WSERa LciMcgyr0rDqGECCsJbSHErSfHpF5oYI4YjwlYsJQJK8H6nBU/BTcVrA9tak3xeBXZGM gMgw==
X-Gm-Message-State: AGi0PuZmjuF6lBXmBNlT6b4FOi2Q/7UP2AhI67tNANq8hBjMZPZDJvyY Km3Nt1TM/zKy69uDWzPxglejbJp9SlYfPkZ/uw==
X-Google-Smtp-Source: APiQypLR0T99oGlCyJkLMdpRG+fWO3dmldyXLohArB30Q1GP/CINtoDi6jbsJp3sfKLuS1IazOTNeK3ItZHW0JhcnV8=
X-Received: by 2002:a25:13c1:: with SMTP id 184mr32161821ybt.259.1587976940428; Mon, 27 Apr 2020 01:42:20 -0700 (PDT)
MIME-Version: 1.0
References: <A680BD1A-1E79-40C0-B325-91EEEFD7BDA5@lodderstedt.net>
In-Reply-To: <A680BD1A-1E79-40C0-B325-91EEEFD7BDA5@lodderstedt.net>
From: Filip Skokan <panva.ip@gmail.com>
Date: Mon, 27 Apr 2020 10:41:42 +0200
Message-ID: <CALAqi_-xtfcrWg0bvMTae9GkbOzCorNENpPiwt0kjzw5sgn_Mg@mail.gmail.com>
To: Torsten Lodderstedt <torsten=40lodderstedt.net@dmarc.ietf.org>
Cc: oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000007222c705a441b183"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/9-w9zRDsxycwhWIhLAFrXpaH5xI>
Subject: Re: [OAUTH-WG] PAR - Guidance on the request URI structure needed?
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Apr 2020 08:42:23 -0000
I believe implementers should be free to devise their own URIs and not be locked down to one by the spec, at the same time, and RFC6755 subnamespace would be good for guidance. So, I would suggest it be RECOMMENDED to use e.g. `urn:ietf:params:oauth:request_uri:<random>` (Brian's proposal) but also that any URN or URL will do if the circumstances call for it. Best, *Filip* On Sun, 26 Apr 2020 at 17:20, Torsten Lodderstedt <torsten= 40lodderstedt.net@dmarc.ietf.org> wrote: > Hi all, > > another topic from last week’s virtual meeting. > > Shall there be guidance on the request URI structure? > > Please state your opinion. > > thanks in advance, > Torsten. > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >
- [OAUTH-WG] PAR - Guidance on the request URI stru… Torsten Lodderstedt
- Re: [OAUTH-WG] PAR - Guidance on the request URI … Filip Skokan
- Re: [OAUTH-WG] PAR - Guidance on the request URI … Sascha Preibisch
- Re: [OAUTH-WG] PAR - Guidance on the request URI … Justin Richer
- Re: [OAUTH-WG] PAR - Guidance on the request URI … Brian Campbell
- Re: [OAUTH-WG] PAR - Guidance on the request URI … Benjamin Kaduk
- Re: [OAUTH-WG] PAR - Guidance on the request URI … Dave Tonge