[OAUTH-WG] OAuth 2.0 Bearer Token Specification draft -06
Mike Jones <Michael.Jones@microsoft.com> Thu, 23 June 2011 00:53 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C4DB228013 for <oauth@ietfa.amsl.com>; Wed, 22 Jun 2011 17:53:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.598
X-Spam-Level:
X-Spam-Status: No, score=-10.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j-8Ay+gPrQmR for <oauth@ietfa.amsl.com>; Wed, 22 Jun 2011 17:53:23 -0700 (PDT)
Received: from smtp.microsoft.com (mailb.microsoft.com [131.107.115.215]) by ietfa.amsl.com (Postfix) with ESMTP id B805F22800E for <oauth@ietf.org>; Wed, 22 Jun 2011 17:53:23 -0700 (PDT)
Received: from TK5EX14HUBC104.redmond.corp.microsoft.com (157.54.80.25) by TK5-EXGWY-E802.partners.extranet.microsoft.com (10.251.56.168) with Microsoft SMTP Server (TLS) id 8.2.176.0; Wed, 22 Jun 2011 17:53:23 -0700
Received: from TK5EX14MBXC202.redmond.corp.microsoft.com ([169.254.2.193]) by TK5EX14HUBC104.redmond.corp.microsoft.com ([157.54.80.25]) with mapi id 14.01.0289.008; Wed, 22 Jun 2011 17:53:23 -0700
From: Mike Jones <Michael.Jones@microsoft.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: OAuth 2.0 Bearer Token Specification draft -06
Thread-Index: AcwxP+0eZ6OA/RCvSTCCsjpx71EG9w==
Date: Thu, 23 Jun 2011 00:53:21 +0000
Message-ID: <4E1F6AAD24975D4BA5B168042967394348D04A47@TK5EX14MBXC202.redmond.corp.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.71]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B168042967394348D04A47TK5EX14MBXC202r_"
MIME-Version: 1.0
Subject: [OAUTH-WG] OAuth 2.0 Bearer Token Specification draft -06
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Jun 2011 00:53:25 -0000
I've published draft 06<http://self-issued.info/docs/draft-ietf-oauth-v2-bearer-06.html> of the OAuth Bearer Token Specification<http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.html>. It contains the following changes: * Changed parameter name bearer_token to access_token, per working group consensus. * Changed HTTP status code for invalid_request error code from HTTP 401 (Unauthorized) back to HTTP 400 (Bad Request), per input from HTTP working group experts. It doesn't change the use of 403 (Forbidden) to (401) Unauthorized as had been discussed as a possibility, also due to input from the same HTTP working group experts. I believe that this addresses all the bearer token specification issues arising from the interim working group meeting and working group discussions since then. The draft is available at these locations: * http://www.ietf.org/internet-drafts/draft-ietf-oauth-v2-bearer-06.pdf * http://www.ietf.org/internet-drafts/draft-ietf-oauth-v2-bearer-06.txt * http://www.ietf.org/internet-drafts/draft-ietf-oauth-v2-bearer-06.xml * http://self-issued.info/docs/draft-ietf-oauth-v2-bearer-06.html * http://self-issued.info/docs/draft-ietf-oauth-v2-bearer-06.pdf * http://self-issued.info/docs/draft-ietf-oauth-v2-bearer-06.txt * http://self-issued.info/docs/draft-ietf-oauth-v2-bearer-06.xml * http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.html (will point to new versions as they are posted) * http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.pdf (will point to new versions as they are posted) * http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.txt (will point to new versions as they are posted) * http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.xml (will point to new versions as they are posted) * http://svn.openid.net/repos/specifications/oauth/2.0/ (Subversion repository, with html, pdf, txt, and html versions available) -- Mike