[OAUTH-WG] Authorization Code Grant diagram Improvement OAuth 2.1 draft-ietf-oauth-v2-1

Warren Parad <wparad@rhosys.ch> Thu, 30 July 2020 15:42 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/VXbHDmzPdMGnUDx_hofziljZla0>

https://www.ietf.org/id/draft-ietf-oauth-v2-1-00.html#name-authorization-code-grant

Can we avoid using (1, 2, 3) on the left side of the diagram to describe...
I'm not even sure what they are supposed to represent, not to mention the
RO in the diagram doesn't really provide value (for me) relevant to the
code grant flow. It's confusing to see these numerical identifiers twice in
the same picture. But maybe there is something hidden in this that I'm
missing; still, 3a and 3b could be used to identify different legs of the
same code path.
[image: image.png]


*Warren Parad*
Secure your user data and complete your authorization architecture.
Implement Authress <https://bit.ly/37SSO1p>.
<https://rhosys.ch>