IETF Logo Mail Archive

Re: [OAUTH-WG] Section 7.2

Mike Jones <Michael.Jones@microsoft.com> Thu, 14 June 2012 22:01 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 45ADE11E80A2 for <oauth@ietfa.amsl.com>; Thu, 14 Jun 2012 15:01:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.598
X-Spam-Level:
X-Spam-Status: No, score=-3.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T8EfoiVDi5Dc for <oauth@ietfa.amsl.com>; Thu, 14 Jun 2012 15:01:56 -0700 (PDT)
Received: from db3outboundpool.messaging.microsoft.com (db3ehsobe006.messaging.microsoft.com [213.199.154.144]) by ietfa.amsl.com (Postfix) with ESMTP id 3D1C511E809F for <oauth@ietf.org>; Thu, 14 Jun 2012 15:01:55 -0700 (PDT)
Received: from mail72-db3-R.bigfish.com (10.3.81.248) by DB3EHSOBE002.bigfish.com (10.3.84.22) with Microsoft SMTP Server id 14.1.225.23; Thu, 14 Jun 2012 22:00:43 +0000
Received: from mail72-db3 (localhost [127.0.0.1]) by mail72-db3-R.bigfish.com (Postfix) with ESMTP id 3CC6EE0337; Thu, 14 Jun 2012 22:00:43 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14HUBC107.redmond.corp.microsoft.com; RD:none; EFVD:NLI
X-SpamScore: -22
X-BigFish: VS-22(zzbb2dI9371Ic85fhzz1202hzz1033IL8275dhz2fh2a8h668h839hd25hf0ah)
Received-SPF: pass (mail72-db3: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=Michael.Jones@microsoft.com; helo=TK5EX14HUBC107.redmond.corp.microsoft.com ; icrosoft.com ;
Received: from mail72-db3 (localhost.localdomain [127.0.0.1]) by mail72-db3 (MessageSwitch) id 1339711240990668_20775; Thu, 14 Jun 2012 22:00:40 +0000 (UTC)
Received: from DB3EHSMHS002.bigfish.com (unknown [10.3.81.238]) by mail72-db3.bigfish.com (Postfix) with ESMTP id F0226C0225; Thu, 14 Jun 2012 22:00:40 +0000 (UTC)
Received: from TK5EX14HUBC107.redmond.corp.microsoft.com (131.107.125.8) by DB3EHSMHS002.bigfish.com (10.3.87.102) with Microsoft SMTP Server (TLS) id 14.1.225.23; Thu, 14 Jun 2012 22:00:39 +0000
Received: from TK5EX14MBXC284.redmond.corp.microsoft.com ([169.254.1.189]) by TK5EX14HUBC107.redmond.corp.microsoft.com ([157.54.80.67]) with mapi id 14.02.0309.003; Thu, 14 Jun 2012 22:01:47 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Eran Hammer <eran@hueniverse.com>, "oauth@ietf.org WG (oauth@ietf.org)" <oauth@ietf.org>
Thread-Topic: [OAUTH-WG] Section 7.2
Thread-Index: AQHNSnlK4rMFHIKNpEG6QNgV8mtEhA==
Date: Thu, 14 Jun 2012 22:01:46 +0000
Message-ID: <4E1F6AAD24975D4BA5B1680429673943665394D7@TK5EX14MBXC284.redmond.corp.microsoft.com>
References: <0CBAEB56DDB3A140BA8E8C124C04ECA201073394@P3PWEX2MB008.ex2.secureserver.net>
In-Reply-To: <0CBAEB56DDB3A140BA8E8C124C04ECA201073394@P3PWEX2MB008.ex2.secureserver.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B1680429673943665394D7TK5EX14MBXC284r_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
Subject: Re: [OAUTH-WG] Section 7.2
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Jun 2012 22:01:57 -0000

That sounds fine to me.  If you want to take a stab at proposed text, have at it!

-- Mike

________________________________
From: Eran Hammer
Sent: 6/14/2012 2:59 PM
To: oauth@ietf.org WG (oauth@ietf.org)
Subject: [OAUTH-WG] Section 7.2

One simple solution is to define the new error location as an opt-in registry for oauth-centric token authentication methods. Instead of requiring new schemes to use it and deal with all the confusing qualifications, just narrowly define the new registry as a service for new token authentication methods seeking to share a common error representation format with the Bearer and other schemes. This removes the explicit 'error' parameter name issue, as well as any other restrictions or limitations. It also removes the MUST.

IOW, the new text will establish a common registry for sharing error codes across oauth-centric token authentication schemes and can recommend that such schemes opt into the registry if they return error status beyong HTTP codes. Such a resolution will be simple to explain and will make the registry intentions very clear and straigh forward.

If this is acceptable, I can propose new text for 7.2 based on the latest draft.

Just an idea.

EH

v2.23.0 | Report a Bug | By Email