IETF Logo Mail Archive

Re: [OAUTH-WG] Proposed change to section 8.4. Defining New Authorization Endpoint Response Types

Eran Hammer-Lahav <eran@hueniverse.com> Wed, 20 July 2011 17:15 UTC

Return-Path: <eran@hueniverse.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A189421F8681 for <oauth@ietfa.amsl.com>; Wed, 20 Jul 2011 10:15:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.58
X-Spam-Level:
X-Spam-Status: No, score=-2.58 tagged_above=-999 required=5 tests=[AWL=0.019, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id itcljKaDsC1N for <oauth@ietfa.amsl.com>; Wed, 20 Jul 2011 10:15:38 -0700 (PDT)
Received: from p3plex1out01.prod.phx3.secureserver.net (p3plex1out01.prod.phx3.secureserver.net [72.167.180.17]) by ietfa.amsl.com (Postfix) with SMTP id 88F3521F8680 for <oauth@ietf.org>; Wed, 20 Jul 2011 10:15:38 -0700 (PDT)
Received: (qmail 29652 invoked from network); 20 Jul 2011 17:15:37 -0000
Received: from unknown (HELO smtp.ex1.secureserver.net) (72.167.180.21) by p3plex1out01.prod.phx3.secureserver.net with SMTP; 20 Jul 2011 17:15:37 -0000
Received: from P3PW5EX1MB01.EX1.SECURESERVER.NET ([10.6.135.19]) by P3PW5EX1HT003.EX1.SECURESERVER.NET ([72.167.180.21]) with mapi; Wed, 20 Jul 2011 10:15:29 -0700
From: Eran Hammer-Lahav <eran@hueniverse.com>
To: "eran@sled.com" <eran@sled.com>, OAuth WG <oauth@ietf.org>
Date: Wed, 20 Jul 2011 10:15:01 -0700
Thread-Topic: [OAUTH-WG] Proposed change to section 8.4. Defining New Authorization Endpoint Response Types
Thread-Index: AcxF2IFuXcht7wZvT3mPDMC79ij6zgAVXKWwADSfojA=
Message-ID: <90C41DD21FB7C64BB94121FBBC2E72345020652CD2@P3PW5EX1MB01.EX1.SECURESERVER.NET>
References: <90C41DD21FB7C64BB94121FBBC2E7234501D6E0653@P3PW5EX1MB01.EX1.SECURESERVER.NET> <90C41DD21FB7C64BB94121FBBC2E7234501D6E0720@P3PW5EX1MB01.EX1.SECURESERVER.NET>
In-Reply-To: <90C41DD21FB7C64BB94121FBBC2E7234501D6E0720@P3PW5EX1MB01.EX1.SECURESERVER.NET>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [OAUTH-WG] Proposed change to section 8.4. Defining New Authorization Endpoint Response Types
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Jul 2011 17:15:39 -0000

Looks like we have consensus for the new text. I'd like to ask the chairs to close issue 18 (or note it resolved until the I-D freeze is over and I can push a revised draft).

EHL

> -----Original Message-----
> From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf
> Of Eran Hammer-Lahav
> Sent: Tuesday, July 19, 2011 9:24 AM
> To: OAuth WG
> Subject: Re: [OAUTH-WG] Proposed change to section 8.4. Defining New
> Authorization Endpoint Response Types
> 
> Revised text. I changed it to focus on the implementation details.
> 
> In other words, all response types must be registered. If the type name
> includes spaces, it changes how the value is compared (space-delimited list
> of values where the order does not matter). That's it. Spaces only change
> how values are compared.
> 
> EHL
> 
> ---
> 
> 8.4.  Defining New Authorization Endpoint Response Types
> 
>    New response types for use with the authorization endpoint are
>    defined and registered in the authorization endpoint response type
>    registry following the procedure in Section 11.3.  Response type
>    names MUST conform to the response-type ABNF.
> 
>      response-type  = response-name *( SP response-name )
>      response-name  = 1*response-char
>      response-char  = "_" / DIGIT / ALPHA
> 
>    If a response type contains one of more space characters (%x20), it is
>    compared as a space-delimited list of values in which the order of values
>    does not matter. Only one order of values can be registered, which covers
>    all other arrangements of the same set of values.
> 
>    For example, the response type "token code" is left undefined by this
> specification.
>    However, an extension can define and register the "token code" response
> type.
>    Once registered, the same combination cannot be registered as "code
> token", but
>    both values can be used to denote the same response type.
> 
> Also, change the definition of response_type in section 3.1.1:
> 
>    response_type
>          REQUIRED.  The value MUST be one of "code" for requesting an
>          authorization code as described by Section 4.1.1, "token" for
>          requesting an access token (implicit grant) as described by
>          Section 4.2.1, or a registered extension value as described by
>          Section 8.4. If the response type contains one or more space characters
>          (%x20), it is interpreted as a space-delimited list of values, where
>          the order of values does not matter (e.g. "a b" is the same as "b a").
> 
> 
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth

v2.35.0 | Report a Bug | By Email | System Status