Re: [OAUTH-WG] Concerning OAuth introspection

Brian Campbell <bcampbell@pingidentity.com> Thu, 24 January 2013 15:01 UTC

Return-Path: <bcampbell@pingidentity.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0E92A21F8A64 for <oauth@ietfa.amsl.com>; Thu, 24 Jan 2013 07:01:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.976
X-Spam-Level:
X-Spam-Status: No, score=-5.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0B41XQ2GWKy5 for <oauth@ietfa.amsl.com>; Thu, 24 Jan 2013 07:01:39 -0800 (PST)
Received: from na3sys009aog111.obsmtp.com (na3sys009aog111.obsmtp.com [74.125.149.205]) by ietfa.amsl.com (Postfix) with ESMTP id 717EB21F8A56 for <oauth@ietf.org>; Thu, 24 Jan 2013 07:01:39 -0800 (PST)
Received: from mail-oa0-f69.google.com ([209.85.219.69]) (using TLSv1) by na3sys009aob111.postini.com ([74.125.148.12]) with SMTP ID DSNKUQFM0op9FQm80azMLutajl6u5cZ/kAhj@postini.com; Thu, 24 Jan 2013 07:01:39 PST
Received: by mail-oa0-f69.google.com with SMTP id l10so9904880oag.4 for <oauth@ietf.org>; Thu, 24 Jan 2013 07:01:38 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:x-received:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type:x-gm-message-state; bh=hCKOs5RZ6gAJ3/cz13m+GJxnxUvodD8GG2PyvQyH/ro=; b=PyYneSLuIn/vvHpnOPmJxv9iR8uc3srKEmrJCNrC46gXdJtSIsEPMfM89O/AS2aE7b zVgqiLl6kzk+SYjHUqzbh8R1aGzpqLUdz9IpRnrl1hWXZm3e9MYjoW6ymA+cgcm663Y+ pEC/27aaXKavFUZNl7zS52KTQUDCJ0BrftKuC9KwBhqJC4mNkMrlSgjl5/ZWfw6iPw6A 8gCe8risWmfDXfdgrd1Pu0EPYI86q9b9XEvGsCM7/iZlBmCvHsMN6pVEoqSugv/uYm2g upuFwRvzMWdInma7KJZWp7dBn39KJU8UOqaeJJ5IuQUyTX02PRC8Y/SRReiB3nWWt+UM bZTA==
X-Received: by 10.50.169.106 with SMTP id ad10mr1594474igc.88.1359039698339; Thu, 24 Jan 2013 07:01:38 -0800 (PST)
X-Received: by 10.50.169.106 with SMTP id ad10mr1594468igc.88.1359039698246; Thu, 24 Jan 2013 07:01:38 -0800 (PST)
MIME-Version: 1.0
Received: by 10.64.17.134 with HTTP; Thu, 24 Jan 2013 07:01:08 -0800 (PST)
In-Reply-To: <51014484.50001@mitre.org>
References: <CAHA4TYtCG+o0AZzh9e-3nb6gKLaWFeJuQfBxHVmUDH5Aj+TdpQ@mail.gmail.com> <50FEE1BF.5050200@mitre.org> <-6134323107835063788@unknownmsgid> <510005F5.6000004@mitre.org> <4a060479b5374e8ba58d3c9e1b15d917@BY2PR03MB041.namprd03.prod.outlook.com> <51001B5C.80407@mitre.org> <9a1d3f9d095e4f14b55ff99c9cf1799e@BY2PR03MB041.namprd03.prod.outlook.com> <51001D61.1060000@mitre.org> <1b7dbe92b69e4e51bbb0012f06381756@BY2PR03MB041.namprd03.prod.outlook.com> <51002656.2050900@mitre.org> <5101135F.5060000@gmail.com> <51014484.50001@mitre.org>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Thu, 24 Jan 2013 08:01:08 -0700
Message-ID: <CA+k3eCQKXGzJ0qxJa=6HJbpmB4Gm4hzEKZ5ff+E8YGT5JMGoNQ@mail.gmail.com>
To: Justin Richer <jricher@mitre.org>
Content-Type: multipart/alternative; boundary=e89a8f2346bb731bb004d40a16ff
X-Gm-Message-State: ALoCoQmcqQNM8+WFsQUwj+68rwBblaM1H748Fb8Wxfp2e7PQ1IrAeYIPNa6zD4rlnKpcTNVZ+cGcSUAIImObrOEeFsAXg7vzqeN+uRxdMXn5kxppJbAPkUOjywFrO/SxccdrttToeAKV
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] Concerning OAuth introspection
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jan 2013 15:01:40 -0000

Well, you *can* have it both ways. But to your point Justin - what's the
value in it? Allowing for both adds a bunch of unnecessary complexity while
only adding flexibility for the sake of flexibility with no tangible
benefit.

On Thu, Jan 24, 2013 at 7:26 AM, Justin Richer <jricher@mitre.org> wrote:

>
> On 01/24/2013 05:56 AM, Sergey Beryozkin wrote:
>
>>
>> and reword the spec such that it will let those who implement do it with
>> one endpoint or many, whatever is preferred
>>
>>
> That's the whole point of this discussion -- I don't believe you can have
> it both ways.
>