Re: [OAUTH-WG] What to do about 'realm'
Yaron Goland <yarong@microsoft.com> Mon, 28 June 2010 22:12 UTC
Return-Path: <yarong@microsoft.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 51B293A67FA for <oauth@core3.amsl.com>; Mon, 28 Jun 2010 15:12:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.855
X-Spam-Level:
X-Spam-Status: No, score=-9.855 tagged_above=-999 required=5 tests=[AWL=0.743, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FCS10eKLKXFQ for <oauth@core3.amsl.com>; Mon, 28 Jun 2010 15:12:45 -0700 (PDT)
Received: from smtp.microsoft.com (maila.microsoft.com [131.107.115.212]) by core3.amsl.com (Postfix) with ESMTP id AB4393A6892 for <oauth@ietf.org>; Mon, 28 Jun 2010 15:12:45 -0700 (PDT)
Received: from TK5EX14MLTC102.redmond.corp.microsoft.com (157.54.79.180) by TK5-EXGWY-E801.partners.extranet.microsoft.com (10.251.56.50) with Microsoft SMTP Server (TLS) id 8.2.176.0; Mon, 28 Jun 2010 15:12:57 -0700
Received: from TK5EX14MBXC117.redmond.corp.microsoft.com ([169.254.8.23]) by TK5EX14MLTC102.redmond.corp.microsoft.com ([157.54.79.180]) with mapi id 14.01.0160.007; Mon, 28 Jun 2010 15:12:55 -0700
From: Yaron Goland <yarong@microsoft.com>
To: Torsten Lodderstedt <torsten@lodderstedt.net>, Dick Hardt <dick.hardt@gmail.com>
Thread-Topic: [OAUTH-WG] What to do about 'realm'
Thread-Index: AcsWZA3VaAGfBKT6Rq+fJ1qCaXCqogAWqIAAABozBAAABh2zIA==
Date: Mon, 28 Jun 2010 22:12:52 +0000
Message-ID: <7C01E631FF4B654FA1E783F1C0265F8C579D103B@TK5EX14MBXC117.redmond.corp.microsoft.com>
References: <90C41DD21FB7C64BB94121FBBC2E72343B3EC84ADE@P3PW5EX1MB01.EX1.SECURESERVER.NET> <269A7D01-CB98-46F3-9D17-C0AAA31041E4@gmail.com> <4C28E4F2.6060605@lodderstedt.net>
In-Reply-To: <4C28E4F2.6060605@lodderstedt.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: multipart/alternative; boundary="_000_7C01E631FF4B654FA1E783F1C0265F8C579D103BTK5EX14MBXC117r_"
MIME-Version: 1.0
Cc: "OAuth WG (oauth@ietf.org)" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] What to do about 'realm'
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Jun 2010 22:12:51 -0000
+1 (for #3->#4) From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf Of Torsten Lodderstedt Sent: Monday, June 28, 2010 11:08 AM To: Dick Hardt Cc: OAuth WG (oauth@ietf.org) Subject: Re: [OAUTH-WG] What to do about 'realm' +1 Am 28.06.2010 07:37, schrieb Dick Hardt: I vote for (3) unless a good (4) is suggested. On 2010-06-27, at 6:51 PM, Eran Hammer-Lahav wrote: Over the past year many people expressed concerns about the use of the 'realm' WWW-Authenticate header parameter. The parameter is defined in RFC 2617 as required, and is allowed to have scheme-specific structure. We have a few options: 1. Leave it as required under the definition of RFC 2617 (i.e. provide no help, developers will need to ready 2617 and figure out what to do with it). 2. Update 2617 to remove the requirement - this is not going to be easy or possible to predict success. 3. Provide specific guidance as to what to do with the realm parameter. 4. Something else. Comments? EHL _______________________________________________ OAuth mailing list OAuth@ietf.org<mailto:OAuth@ietf.org> https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org<mailto:OAuth@ietf.org> https://www.ietf.org/mailman/listinfo/oauth
- Re: [OAUTH-WG] What to do about 'realm' Eran Hammer-Lahav
- Re: [OAUTH-WG] What to do about 'realm' Dick Hardt
- [OAUTH-WG] What to do about 'realm' Eran Hammer-Lahav
- Re: [OAUTH-WG] What to do about 'realm' Lukas Rosenstock
- Re: [OAUTH-WG] What to do about 'realm' Pid
- Re: [OAUTH-WG] What to do about 'realm' William Mills
- Re: [OAUTH-WG] What to do about 'realm' Torsten Lodderstedt
- Re: [OAUTH-WG] What to do about 'realm' Yaron Goland
- Re: [OAUTH-WG] What to do about 'realm' Brian Eaton
- Re: [OAUTH-WG] What to do about 'realm' Robert Sayre
- Re: [OAUTH-WG] What to do about 'realm' Eran Hammer-Lahav
- Re: [OAUTH-WG] What to do about 'realm' Manger, James H
- Re: [OAUTH-WG] What to do about 'realm' Eve Maler
- Re: [OAUTH-WG] What to do about 'realm' Robert Sayre
- Re: [OAUTH-WG] What to do about 'realm' Eran Hammer-Lahav
- Re: [OAUTH-WG] What to do about 'realm' William Mills
- Re: [OAUTH-WG] What to do about 'realm' Yaron Goland
- Re: [OAUTH-WG] What to do about 'realm' Robert Sayre
- Re: [OAUTH-WG] What to do about 'realm' Yaron Goland
- Re: [OAUTH-WG] What to do about 'realm' Brian Eaton
- Re: [OAUTH-WG] What to do about 'realm' Eran Hammer-Lahav