[OAUTH-WG] error_description USASCII-encoded - is this a difficulty?

Todd W Lainhart <lainhart@us.ibm.com> Thu, 17 January 2013 18:09 UTC

Return-Path: <lainhart@us.ibm.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C26F21F87D4 for <oauth@ietfa.amsl.com>; Thu, 17 Jan 2013 10:09:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.598
X-Spam-Level:
X-Spam-Status: No, score=-10.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ducXfJWEk3yq for <oauth@ietfa.amsl.com>; Thu, 17 Jan 2013 10:09:23 -0800 (PST)
Received: from e9.ny.us.ibm.com (e9.ny.us.ibm.com [32.97.182.139]) by ietfa.amsl.com (Postfix) with ESMTP id A43EE21F87E3 for <oauth@ietf.org>; Thu, 17 Jan 2013 10:09:23 -0800 (PST)
Received: from /spool/local by e9.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for <oauth@ietf.org> from <lainhart@us.ibm.com>; Thu, 17 Jan 2013 13:09:22 -0500
Received: from d01dlp02.pok.ibm.com (9.56.250.167) by e9.ny.us.ibm.com (192.168.1.109) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Thu, 17 Jan 2013 13:09:21 -0500
Received: from d01relay05.pok.ibm.com (d01relay05.pok.ibm.com [9.56.227.237]) by d01dlp02.pok.ibm.com (Postfix) with ESMTP id 30FC86E8077; Thu, 17 Jan 2013 13:09:19 -0500 (EST)
Received: from d01av03.pok.ibm.com (d01av03.pok.ibm.com [9.56.224.217]) by d01relay05.pok.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id r0HI9KT5307386; Thu, 17 Jan 2013 13:09:20 -0500
Received: from d01av03.pok.ibm.com (loopback [127.0.0.1]) by d01av03.pok.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id r0HI9J4v027468; Thu, 17 Jan 2013 16:09:19 -0200
Received: from d01ml255.pok.ibm.com (d01ml255.pok.ibm.com [9.63.10.54]) by d01av03.pok.ibm.com (8.14.4/8.13.1/NCO v10.0 AVin) with ESMTP id r0HI9JI3027450; Thu, 17 Jan 2013 16:09:19 -0200
To: oauth@ietf.org
Cc: oauth-bounces@ietf.org
MIME-Version: 1.0
X-KeepSent: 89C2383F:5888D4B7-85257AF6:005D229B; type=4; name=$KeepSent
X-Mailer: Lotus Notes Release 8.5.3FP2 SHF22 July 19, 2012
Message-ID: <OF89C2383F.5888D4B7-ON85257AF6.005D229B-85257AF6.0063BA05@us.ibm.com>
From: Todd W Lainhart <lainhart@us.ibm.com>
Date: Thu, 17 Jan 2013 13:09:17 -0500
X-MIMETrack: Serialize by Router on D01ML255/01/M/IBM(Release 8.5.3FP2 ZX853FP2HF4|December 14, 2012) at 01/17/2013 13:09:19, Serialize complete at 01/17/2013 13:09:19
Content-Type: multipart/alternative; boundary="=_alternative 0063BA0385257AF6_="
X-Content-Scanned: Fidelis XPS MAILER
x-cbid: 13011718-7182-0000-0000-0000048538CA
Subject: [OAUTH-WG] error_description USASCII-encoded - is this a difficulty?
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Jan 2013 18:09:24 -0000

We're working on an OAuth 2.0 AS, with extensions defined for session 
mgmt.  We're trying to adopt uniformly the error reporting mechanism in 
6749.

I'm now realizing that the error_description response in specified to be 
USASCII.  I was assuming that the error message could be UTF-8 encoded, 
such that I could return error messages in the client's locale.  E.G. 
consider the client credentials grant.  The store on the AS holding the 
registration is down, so I'd like to return a 500 with an error message 
from the store, from a catalog mapped to the client's language.

I've wondered about adding an additional response parameter, something 
like error_description_locale, but thought that there might be better 
practices out there.  I'm also wondering about the USASCII constraint on 
error_description.  I'm a long-time reader of this list, but I'm not 
recalling the background on this.





Todd Lainhart
Rational software
IBM Corporation
550 King Street, Littleton, MA 01460-1250
1-978-899-4705
2-276-4705 (T/L)
lainhart@us.ibm.com