Re: [OAUTH-WG] Draft -12 feedback deadline

Marius Scurtescu <mscurtescu@google.com> Mon, 28 February 2011 22:57 UTC

From: Marius Scurtescu <mscurtescu@google.com>
Date: Mon, 28 Feb 2011 14:58:03 -0800
To: igor.faynberg@alcatel-lucent.com
Cc: OAuth WG <oauth@ietf.org>, oauth-bounces@ietf.org
Subject: Re: [OAUTH-WG] Draft -12 feedback deadline

On Mon, Feb 28, 2011 at 12:16 PM, Igor Faynberg
<igor.faynberg@alcatel-lucent.com> wrote:
> +1
>
> Igor
>
> Torsten Lodderstedt wrote:
>>
>> ...
>>
>> I'm in favour of adding the refresh token parameter to the implicit grant
>> flow as it would make it more useable for native apps.

I think it is much safer to go with refresh tokens only sent
indirectly through an authorization code swap.

Implicit grant with refresh token also has no client secret swap and
makes things worse by passing the refresh token through the browser.

Marius
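
The contrast drawn in the message above, as an added example that is not part of the original message or of any OAuth draft: `audit_redirect` lists which bearer credentials the browser sees in an authorization response, and `redeem_code` models the back-channel swap that releases a refresh token only after client authentication. The client id, secret, code, token values and URLs are constructed placeholders.

```python
import hmac
from urllib.parse import urlsplit, parse_qs

# Credentials usable on their own by whoever holds them.
BEARER_PARAMS = {"access_token", "refresh_token"}

def audit_redirect(redirect_url):
    """Report the flow and the bearer credentials visible to the user agent."""
    parts = urlsplit(redirect_url)
    params = {}
    for component in (parts.query, parts.fragment):  # both pass through the browser
        params.update({k: v[0] for k, v in parse_qs(component).items()})
    if "access_token" in params:
        flow = "implicit"
    elif "code" in params:
        flow = "authorization_code"
    else:
        flow = "unknown"
    return {"flow": flow, "exposed": sorted(BEARER_PARAMS & params.keys())}

# Constructed server-side state: one pending code bound to one client.
CLIENT_SECRETS = {"example-client": "s3cr3t-example"}
PENDING_CODES = {"c0de-example": "example-client"}

def redeem_code(code, client_id, client_secret):
    """Back-channel swap: tokens are released only to the authenticated client."""
    expected = CLIENT_SECRETS.get(client_id, "")
    if not expected or not hmac.compare_digest(expected, client_secret):
        return {"error": "invalid_client"}
    if PENDING_CODES.get(code) != client_id:
        return {"error": "invalid_grant"}
    del PENDING_CODES[code]  # authorization codes are single use
    return {"access_token": "at-example", "refresh_token": "rt-example"}

# Constructed sample redirects for the two flows under discussion.
IMPLICIT_WITH_REFRESH = ("https://client.example/cb#access_token=at-example"
                         "&refresh_token=rt-example&token_type=bearer")
CODE_REDIRECT = "https://client.example/cb?code=c0de-example&state=xyz"

if __name__ == "__main__":
    print(audit_redirect(IMPLICIT_WITH_REFRESH))
    print(audit_redirect(CODE_REDIRECT))
    print(redeem_code("c0de-example", "example-client", "wrong-secret"))
    print(redeem_code("c0de-example", "example-client", "s3cr3t-example"))
```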