Re: [OAUTH-WG] Fwd: [kitten] WGLC of draft-ietf-kitten-sasl-oauth-18

"Ebling, Sebastian" <> Fri, 02 January 2015 15:01 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 744411A878B for <>; Fri, 2 Jan 2015 07:01:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -3.86
X-Spam-Status: No, score=-3.86 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id TGDHVtXaSgPF for <>; Fri, 2 Jan 2015 07:01:33 -0800 (PST)
Received: from ( []) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 08A901A8788 for <>; Fri, 2 Jan 2015 07:01:29 -0800 (PST)
Received: from ([]) by with ESMTP; 02 Jan 2015 16:01:27 +0100
X-IronPort-AV: E=Sophos;i="5.07,684,1413237600"; d="scan'208";a="593064914"
Received: from unknown (HELO ([]) by with ESMTP/TLS/AES128-SHA; 02 Jan 2015 16:01:27 +0100
Received: from ( by ( with Microsoft SMTP Server (TLS) id 8.3.377.0; Fri, 2 Jan 2015 16:01:24 +0100
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.995.29; Fri, 2 Jan 2015 16:01:24 +0100
Received: from ([fe80::204f:5580:6b52:2397]) by ([fe80::204f:5580:6b52:2397%12]) with mapi id 15.00.0995.031; Fri, 2 Jan 2015 16:01:24 +0100
From: "Ebling, Sebastian" <>
To: "" <>
Thread-Topic: [OAUTH-WG] Fwd: [kitten] WGLC of draft-ietf-kitten-sasl-oauth-18
Thread-Index: AQHQGI1V40ObtTuxmkq9P1RmjhaELJym3NIAgAYViNA=
Date: Fri, 02 Jan 2015 15:01:23 +0000
Message-ID: <>
References: <> <>
In-Reply-To: <>
Accept-Language: de-DE, en-US
Content-Language: de-DE
x-originating-ip: []
x-esetresult: clean, is OK
x-esetid: ADA63A3EB8F2F1ECF8EB65
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Subject: Re: [OAUTH-WG] Fwd: [kitten] WGLC of draft-ietf-kitten-sasl-oauth-18
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 02 Jan 2015 15:01:36 -0000


There is a little typo in Section 3.2.2:
Replace "The URL for for a document" with "The URL for a document".

Section 3. contains
"2.  Server responds with a successful authentication.

   In the case where authorization fails the server sends an error
   result, then client MUST then send an additional message to the
   server in order to allow the server to finish the exchange."
There is a switch between authentication and authorization. Even if the access token represents authorization information I suggest to write "In the case where authentication fails" because it is more consistent here.

Section 3.2.2. introduces "oauth-configuration", the example in section 4.3 uses "openid-configuration".


Sebastian Ebling

Von: OAuth [] Im Auftrag von Bill Mills
Gesendet: Montag, 29. Dezember 2014 18:46
Betreff: Re: [OAUTH-WG] Fwd: [kitten] WGLC of draft-ietf-kitten-sasl-oauth-18

No other comments on this?  Any "It's ready to go."?

On Monday, December 15, 2014 9:34 AM, Benjamin Kaduk <kaduk@MIT.EDU> wrote:

Hi all,

There may be some interested parties over here; please feel free to chime
in on this WGLC over on the kitten list.


---------- Forwarded message ----------
Date: Mon, 15 Dec 2014 12:14:30 -0500
From: Benjamin Kaduk <kaduk@MIT.EDU>
Subject: [kitten] WGLC of draft-ietf-kitten-sasl-oauth-18

This message begins the fourth Working Group Last Call (WGLC) of "A set of
SASL Mechanisms for OAuth" <draft-ietf-kitten-sasl-oauth-18.txt>.  Due to
the overlap of the last call period with holidays, the duration of the
WGLC is extended to four weeks, so the WGLC will end on 12 January 2015.
The draft is available at:

Because the changes between -15 and -18 involve behavior changes,
including changes regarding discovery and dynamic registration, the Chairs
decided to issue an additional last call.

Please review the document and send comments to the Working Group
mailing list < kitten at > or the co-chairs < kitten-chairs
at > before the end of the WGLC.  Any and all comments
on the document are sought in order to access the strength of
consensus.  Even if you have read and commented on this or earlier
versions of the draft, please feel free to comment again.  This is
particularly important if you found issues with the previous version.

As a reminder, comments can be anything from "this looks fine" to
"this is a horrible idea"; they can include suggestions for minor
editorial corrections to significant editorial changes.

- Your Kitten Chairs

Kitten mailing list

OAuth mailing list