Re: [OAUTH-WG] Which draft to use as a starting point for 'using a token'?
"Paul C. Bryan" <email@pbryan.net> Tue, 09 February 2010 16:40 UTC
Return-Path: <email@pbryan.net>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6514F28C225 for <oauth@core3.amsl.com>; Tue, 9 Feb 2010 08:40:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.458
X-Spam-Level:
X-Spam-Status: No, score=-2.458 tagged_above=-999 required=5 tests=[AWL=0.141, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bbhnoBFeLwKI for <oauth@core3.amsl.com>; Tue, 9 Feb 2010 08:40:37 -0800 (PST)
Received: from maple.anode.ca (maple.anode.ca [72.14.183.184]) by core3.amsl.com (Postfix) with ESMTP id D59FE28C10D for <oauth@ietf.org>; Tue, 9 Feb 2010 08:40:36 -0800 (PST)
Received: from [192.168.0.5] (S010600095baae0ff.vf.shawcable.net [174.1.50.199]) by maple.anode.ca (Postfix) with ESMTPSA id 8C90EEA021 for <oauth@ietf.org>; Tue, 9 Feb 2010 16:41:43 +0000 (UTC)
From: "Paul C. Bryan" <email@pbryan.net>
To: "OAuth WG (oauth@ietf.org)" <oauth@ietf.org>
In-Reply-To: <90C41DD21FB7C64BB94121FBBC2E723437DFDDE1DC@P3PW5EX1MB01.EX1.SECURESERVER.NET>
References: <ADB082E11CEB5D49A3CC03E49DCECE02378CB8868D@P3PW5EX1MB01.EX1.SECURESERVER.NET> <90C41DD21FB7C64BB94121FBBC2E723437DFDDE1DC@P3PW5EX1MB01.EX1.SECURESERVER.NET>
Content-Type: text/plain; charset="UTF-8"
Date: Tue, 09 Feb 2010 08:41:37 -0800
Message-ID: <1265733697.19870.21.camel@localhost>
Mime-Version: 1.0
X-Mailer: Evolution 2.28.1
Content-Transfer-Encoding: 7bit
Subject: Re: [OAUTH-WG] Which draft to use as a starting point for 'using a token'?
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Feb 2010 16:40:38 -0000
For me, not so much care as believe I am in a qualified-enough position to vote on this one. I'm inclined to use draft-ietf-oauth-authentication. On Tue, 2010-02-09 at 09:15 -0700, Eran Hammer-Lahav wrote: > No one cares? > > EHL > > > -----Original Message----- > > From: Eran Hammer-Lahav > > Sent: Thursday, February 04, 2010 11:29 PM > > To: OAuth WG (oauth@ietf.org) > > Subject: Which draft to use as a starting point for 'using a token'? > > > > On the call today I clarified what is going on with all the different drafts. In > > brief: > > > > draft-hammer-oauth - documentation of the OAuth 1.0 Rev A (with changes) > > protocol. This is done and should be approved by the IESG shortly for > > publication. > > > > draft-ietf-oauth-authentication - the part of OAuth 1.0 dealing with 'how to > > use a token after you obtain it'. > > draft-ietf-oauth-web-delegation - the part of OAuth 1.0 rev A dealing with > > 'getting a token'. > > > > draft-hammer-http-token-auth - an alternative proposal (meant to replace > > draft-ietf-oauth-authentication) which builds on top of OAuth 1.0 but cleans > > up the structure and removes the client credentials when accessing > > protected resources. It also changes how the request is normalized into a > > string before signing. > > > > We have three options for moving forward with 'how to use a token'. Start > > with: > > > > 1. draft-ietf-oauth-authentication > > 2. draft-hammer-http-token-auth > > 3. something else* > > > > * Do not suggest something else unless you are going to submit a proposal. It > > doesn't have to be an I-D, I am happy to do the editorial work but I will need > > a detailed proposal that is enough to turn into a specification. > > > > Pick. > > > > EHL > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
- [OAUTH-WG] Which draft to use as a starting point… Eran Hammer-Lahav
- Re: [OAUTH-WG] Which draft to use as a starting p… Eran Hammer-Lahav
- Re: [OAUTH-WG] Which draft to use as a starting p… Paul C. Bryan
- Re: [OAUTH-WG] Which draft to use as a starting p… Dick Hardt
- Re: [OAUTH-WG] Which draft to use as a starting p… Greg Brail
- Re: [OAUTH-WG] Which draft to use as a starting p… Eran Hammer-Lahav
- Re: [OAUTH-WG] Which draft to use as a starting p… Eran Hammer-Lahav