Re: [OAUTH-WG] Fwd: [kitten] WGLC of draft-ietf-kitten-sasl-oauth-18

"Ebling, Sebastian" <s.ebling@telekom.de> Fri, 02 January 2015 15:01 UTC

Return-Path: <s.ebling@telekom.de>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 744411A878B for <oauth@ietfa.amsl.com>; Fri, 2 Jan 2015 07:01:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.86
X-Spam-Level:
X-Spam-Status: No, score=-3.86 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TGDHVtXaSgPF for <oauth@ietfa.amsl.com>; Fri, 2 Jan 2015 07:01:33 -0800 (PST)
Received: from tcmail43.telekom.de (tcmail43.telekom.de [80.149.113.173]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 08A901A8788 for <OAuth@ietf.org>; Fri, 2 Jan 2015 07:01:29 -0800 (PST)
Received: from s4de8nsazdfe010.bmbg.telekom.de ([10.175.246.202]) by tcmail41.telekom.de with ESMTP; 02 Jan 2015 16:01:27 +0100
X-IronPort-AV: E=Sophos;i="5.07,684,1413237600"; d="scan'208";a="593064914"
Received: from unknown (HELO qeo40064.de.t-online.corp) ([10.224.209.65]) by s4de8nsazdfe010.bmbg.telekom.de with ESMTP/TLS/AES128-SHA; 02 Jan 2015 16:01:27 +0100
Received: from QEO00410.de.t-online.corp (10.224.209.110) by QEO40065.de.t-online.corp (10.224.209.65) with Microsoft SMTP Server (TLS) id 8.3.377.0; Fri, 2 Jan 2015 16:01:24 +0100
Received: from QEO00411.de.t-online.corp (10.224.209.111) by QEO00410.de.t-online.corp (10.224.209.114) with Microsoft SMTP Server (TLS) id 15.0.995.29; Fri, 2 Jan 2015 16:01:24 +0100
Received: from QEO00411.de.t-online.corp ([fe80::204f:5580:6b52:2397]) by QEO00411.de.t-online.corp ([fe80::204f:5580:6b52:2397%12]) with mapi id 15.00.0995.031; Fri, 2 Jan 2015 16:01:24 +0100
From: "Ebling, Sebastian" <s.ebling@telekom.de>
To: "OAuth@ietf.org" <OAuth@ietf.org>
Thread-Topic: [OAUTH-WG] Fwd: [kitten] WGLC of draft-ietf-kitten-sasl-oauth-18
Thread-Index: AQHQGI1V40ObtTuxmkq9P1RmjhaELJym3NIAgAYViNA=
Date: Fri, 02 Jan 2015 15:01:23 +0000
Message-ID: <18377bd2bfda4497918a529161e6089b@QEO00411.de.t-online.corp>
References: <alpine.GSO.1.10.1412151233180.23489@multics.mit.edu> <1155894743.2328533.1419875176762.JavaMail.yahoo@jws10672.mail.bf1.yahoo.com>
In-Reply-To: <1155894743.2328533.1419875176762.JavaMail.yahoo@jws10672.mail.bf1.yahoo.com>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.224.192.139]
x-esetresult: clean, is OK
x-esetid: ADA63A3EB8F2F1ECF8EB65
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/S1aWhtAwskE7o8m6FML4SSQgWFk
Subject: Re: [OAUTH-WG] Fwd: [kitten] WGLC of draft-ietf-kitten-sasl-oauth-18
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Jan 2015 15:01:36 -0000

Hello,

There is a little typo in Section 3.2.2:
Replace "The URL for for a document" with "The URL for a document".


Section 3. contains
"2.  Server responds with a successful authentication.

   In the case where authorization fails the server sends an error
   result, then client MUST then send an additional message to the
   server in order to allow the server to finish the exchange."
There is a switch between authentication and authorization. Even if the access token represents authorization information I suggest to write "In the case where authentication fails" because it is more consistent here.

Section 3.2.2. introduces "oauth-configuration", the example in section 4.3 uses "openid-configuration".

Regards

Sebastian Ebling


Von: OAuth [mailto:oauth-bounces@ietf.org] Im Auftrag von Bill Mills
Gesendet: Montag, 29. Dezember 2014 18:46
An: oauth@ietf.org
Betreff: Re: [OAUTH-WG] Fwd: [kitten] WGLC of draft-ietf-kitten-sasl-oauth-18

No other comments on this?  Any "It's ready to go."?

On Monday, December 15, 2014 9:34 AM, Benjamin Kaduk <kaduk@MIT.EDU> wrote:

Hi all,

There may be some interested parties over here; please feel free to chime
in on this WGLC over on the kitten list.

-Ben

---------- Forwarded message ----------
Date: Mon, 15 Dec 2014 12:14:30 -0500
From: Benjamin Kaduk <kaduk@MIT.EDU>
To: kitten@ietf.org
Cc: kitten-chairs@tools.ietf.org
Subject: [kitten] WGLC of draft-ietf-kitten-sasl-oauth-18

This message begins the fourth Working Group Last Call (WGLC) of "A set of
SASL Mechanisms for OAuth" <draft-ietf-kitten-sasl-oauth-18.txt>.  Due to
the overlap of the last call period with holidays, the duration of the
WGLC is extended to four weeks, so the WGLC will end on 12 January 2015.
The draft is available at:

https://tools.ietf.org/html/draft-ietf-kitten-sasl-oauth-18

Because the changes between -15 and -18 involve behavior changes,
including changes regarding discovery and dynamic registration, the Chairs
decided to issue an additional last call.

Please review the document and send comments to the Working Group
mailing list < kitten at itef.org > or the co-chairs < kitten-chairs
at tools.ietf.org > before the end of the WGLC.  Any and all comments
on the document are sought in order to access the strength of
consensus.  Even if you have read and commented on this or earlier
versions of the draft, please feel free to comment again.  This is
particularly important if you found issues with the previous version.

As a reminder, comments can be anything from "this looks fine" to
"this is a horrible idea"; they can include suggestions for minor
editorial corrections to significant editorial changes.


- Your Kitten Chairs

_______________________________________________
Kitten mailing list
Kitten@ietf.org
https://www.ietf.org/mailman/listinfo/kitten

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth