[OAUTH-WG] Scope :: Was: Extensibility for OAuth?
Dick Hardt <dick.hardt@gmail.com> Wed, 23 June 2010 16:02 UTC
Return-Path: <dick.hardt@gmail.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 223F83A6874 for <oauth@core3.amsl.com>; Wed, 23 Jun 2010 09:02:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.433
X-Spam-Level:
X-Spam-Status: No, score=-2.433 tagged_above=-999 required=5 tests=[AWL=0.166, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Mq0e5hC1Gon6 for <oauth@core3.amsl.com>; Wed, 23 Jun 2010 09:02:25 -0700 (PDT)
Received: from mail-pv0-f172.google.com (mail-pv0-f172.google.com [74.125.83.172]) by core3.amsl.com (Postfix) with ESMTP id 41A5B3A682E for <oauth@ietf.org>; Wed, 23 Jun 2010 09:02:25 -0700 (PDT)
Received: by pvc21 with SMTP id 21so310154pvc.31 for <oauth@ietf.org>; Wed, 23 Jun 2010 09:02:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:subject:mime-version :content-type:from:in-reply-to:date:cc:content-transfer-encoding :message-id:references:to:x-mailer; bh=voUetqjIcG13pf34hPm9EWSQYXsdf3zzQMM78gnSPDM=; b=RxsUrPhv0OemoQr45rp7SyQTXsQKGa1XihZjo63ylnEhh5iM5yScYjMlogAB490dNX lH1tf2n5ht0BrRQcEmitI4IYSQ9kzC+2oGvVZW16RK8NdpaNAWyGaWx4NK0viaPJd3Ak rF5tg3QAIiZ74JSKO0+AWwALSFNbrgpNtm79g=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=subject:mime-version:content-type:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to:x-mailer; b=WUrX5+3P2FTIq13qj/ox4ACxgXdaXa310y4J0ExLYueDw+HsuD9wzWHZvSiWgC1mOb yDGWumGpid+c+idBrpusF2qnEfpXwZo8YS75PL64N+B8prwVad/qgHcaL+4AQiftttCH 8X02/2vI5wmDYoQj4UhhiWuOlG/yOdj9Jp3tY=
Received: by 10.115.114.34 with SMTP id r34mr7842795wam.64.1277308950635; Wed, 23 Jun 2010 09:02:30 -0700 (PDT)
Received: from [192.168.1.5] (c-24-130-32-55.hsd1.ca.comcast.net [24.130.32.55]) by mx.google.com with ESMTPS id c14sm71659505waa.1.2010.06.23.09.02.29 (version=TLSv1/SSLv3 cipher=RC4-MD5); Wed, 23 Jun 2010 09:02:29 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1081)
Content-Type: text/plain; charset="us-ascii"
From: Dick Hardt <dick.hardt@gmail.com>
In-Reply-To: <3D3C75174CB95F42AD6BCC56E5555B4502BE07CC@FIESEXC015.nsn-intra.net>
Date: Wed, 23 Jun 2010 09:02:27 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <E7A7F197-3BBC-43F2-8242-D0164057A39A@gmail.com>
References: <3D3C75174CB95F42AD6BCC56E5555B4502BE07CC@FIESEXC015.nsn-intra.net>
To: "Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com>
X-Mailer: Apple Mail (2.1081)
Cc: OAuth WG <oauth@ietf.org>
Subject: [OAUTH-WG] Scope :: Was: Extensibility for OAuth?
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Jun 2010 16:02:26 -0000
On 2010-06-22, at 11:07 PM, Tschofenig, Hannes (NSN - FI/Espoo) wrote: > " > scope > OPTIONAL. The scope of the access request expressed as a list > of space-delimited strings. The value of the "scope" parameter > is defined by the authorization server. If the value contains > multiple space-delimited strings, their order does not matter, > and each string adds an additional access range to the > requested scope. > " > > Do folks think it would be useful to have standardized values? Not at this time. The semantics of scope are all over the place. If standardized, people will feel they need to pick one that is close to what they want, but is not exactly what they mean. I think it is better for the AS to define what they mean by a scope and give it a name that makes sense in that context. > > If the answer is "yes", then it would be useful to differentiate the > standardized values from those values that are purely defined locally by > the authorization server.
- [OAUTH-WG] Extensibility for OAuth? Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [OAUTH-WG] Scope :: Was: Extensibility for OA… William Mills
- [OAUTH-WG] Scope :: Was: Extensibility for OAuth? Dick Hardt
- Re: [OAUTH-WG] Extensibility for OAuth? Thomas Hardjono
- Re: [OAUTH-WG] Scope :: Was: Extensibility for OA… Lukas Rosenstock
- Re: [OAUTH-WG] Scope :: Was: Extensibility for OA… Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [OAUTH-WG] Scope :: Was: Extensibility for OA… Justin Richer
- Re: [OAUTH-WG] Scope :: Was: Extensibility for OA… Dick Hardt
- Re: [OAUTH-WG] Scope :: Was: Extensibility for OA… Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [OAUTH-WG] Scope :: Was: Extensibility for OA… Justin Richer
- Re: [OAUTH-WG] Scope :: Was: Extensibility for OA… Blaine Cook
- Re: [OAUTH-WG] Scope :: Was: Extensibility for OA… Dick Hardt
- Re: [OAUTH-WG] Scope :: Was: Extensibility for OA… Dick Hardt
- Re: [OAUTH-WG] Scope :: Was: Extensibility for OA… Luke Shepard
- Re: [OAUTH-WG] Extensibility for OAuth? Eran Hammer-Lahav
- Re: [OAUTH-WG] Scope :: Was: Extensibility for OA… Eran Hammer-Lahav
- Re: [OAUTH-WG] Extensibility for OAuth? Dick Hardt
- Re: [OAUTH-WG] Scope :: Was: Extensibility for OA… Eran Hammer-Lahav
- Re: [OAUTH-WG] Extensibility for OAuth? Eran Hammer-Lahav
- Re: [OAUTH-WG] Scope :: Was: Extensibility for OA… Dick Hardt
- Re: [OAUTH-WG] Scope :: Was: Extensibility for OA… Eran Hammer-Lahav
- Re: [OAUTH-WG] Extensibility for OAuth? Dick Hardt
- Re: [OAUTH-WG] Extensibility for OAuth? Eran Hammer-Lahav
- Re: [OAUTH-WG] Scope :: Was: Extensibility for OA… Justin Hart