IETF Logo Mail Archive

Re: [OAUTH-WG] Section 7.2

Mike Jones <Michael.Jones@microsoft.com> Fri, 15 June 2012 01:15 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B10A611E80A1 for <oauth@ietfa.amsl.com>; Thu, 14 Jun 2012 18:15:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.735
X-Spam-Level:
X-Spam-Status: No, score=-3.735 tagged_above=-999 required=5 tests=[AWL=-0.137, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vavw6N4bmexS for <oauth@ietfa.amsl.com>; Thu, 14 Jun 2012 18:15:44 -0700 (PDT)
Received: from am1outboundpool.messaging.microsoft.com (am1ehsobe001.messaging.microsoft.com [213.199.154.204]) by ietfa.amsl.com (Postfix) with ESMTP id 2EB5F11E808F for <oauth@ietf.org>; Thu, 14 Jun 2012 18:15:44 -0700 (PDT)
Received: from mail29-am1-R.bigfish.com (10.3.201.231) by AM1EHSOBE003.bigfish.com (10.3.204.23) with Microsoft SMTP Server id 14.1.225.23; Fri, 15 Jun 2012 01:14:34 +0000
Received: from mail29-am1 (localhost [127.0.0.1]) by mail29-am1-R.bigfish.com (Postfix) with ESMTP id A84502A039F; Fri, 15 Jun 2012 01:14:34 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14MLTC104.redmond.corp.microsoft.com; RD:none; EFVD:NLI
X-SpamScore: -28
X-BigFish: VS-28(zz9371Ic85fh148cI542M1432Izz1202hzz1033IL8275bh8275dhz2fh2a8h668h839hd25hf0ah)
Received-SPF: pass (mail29-am1: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=Michael.Jones@microsoft.com; helo=TK5EX14MLTC104.redmond.corp.microsoft.com ; icrosoft.com ;
Received: from mail29-am1 (localhost.localdomain [127.0.0.1]) by mail29-am1 (MessageSwitch) id 1339722871931381_11689; Fri, 15 Jun 2012 01:14:31 +0000 (UTC)
Received: from AM1EHSMHS017.bigfish.com (unknown [10.3.201.251]) by mail29-am1.bigfish.com (Postfix) with ESMTP id DFD0C32004F; Fri, 15 Jun 2012 01:14:31 +0000 (UTC)
Received: from TK5EX14MLTC104.redmond.corp.microsoft.com (131.107.125.8) by AM1EHSMHS017.bigfish.com (10.3.207.155) with Microsoft SMTP Server (TLS) id 14.1.225.23; Fri, 15 Jun 2012 01:14:30 +0000
Received: from TK5EX14MBXC284.redmond.corp.microsoft.com ([169.254.1.189]) by TK5EX14MLTC104.redmond.corp.microsoft.com ([157.54.79.159]) with mapi id 14.02.0298.005; Fri, 15 Jun 2012 01:15:14 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Eran Hammer <eran@hueniverse.com>, "oauth@ietf.org WG (oauth@ietf.org)" <oauth@ietf.org>
Thread-Topic: [OAUTH-WG] Section 7.2
Thread-Index: AQHNSnlK4rMFHIKNpEG6QNgV8mtEhJb6Y6gAgAABoQCAACqMcA==
Date: Fri, 15 Jun 2012 01:15:13 +0000
Message-ID: <4E1F6AAD24975D4BA5B168042967394366539839@TK5EX14MBXC284.redmond.corp.microsoft.com>
References: <0CBAEB56DDB3A140BA8E8C124C04ECA201073394@P3PWEX2MB008.ex2.secureserver.net> <4E1F6AAD24975D4BA5B1680429673943665394D7@TK5EX14MBXC284.redmond.corp.microsoft.com> <0CBAEB56DDB3A140BA8E8C124C04ECA2010734C5@P3PWEX2MB008.ex2.secureserver.net> <0CBAEB56DDB3A140BA8E8C124C04ECA201073573@P3PWEX2MB008.ex2.secureserver.net>
In-Reply-To: <0CBAEB56DDB3A140BA8E8C124C04ECA201073573@P3PWEX2MB008.ex2.secureserver.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.34]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B168042967394366539839TK5EX14MBXC284r_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
Subject: Re: [OAUTH-WG] Section 7.2
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Jun 2012 01:15:45 -0000

Thanks for writing the text below.  It looks fine to me.  About adding the other error parameters as suggestions, that seems like a reasonable thing to do.  How about the text at the end below, which adds mentions of error_description and error_uri?



7.2.  Error Response



   If a resource access request fails, the resource server SHOULD inform

   the client of the error.  While the specifics of such error responses

   are beyond the scope of this specification, this documents establishes

   a common registry for error values to be shared among OAuth token

   authentication schemes.



   New authentication schemes designed primarily for OAuth token

   authentication SHOULD define a mechanism for providing an

   error status code to the client, in which the error values allowed are

   registered in the error registry established by this specification. Such

   schemes MAY limit the set of valid error codes to a subset of the

   registered values. If the error code is returned using a named parameter,

   the parameter name SHOULD be "error".



   Other schemes capable of being used for OAuth token authentication, but

   not primarily designed for that purpose, MAY bind their error values to the

   registry in the same manner.



   New authentication schemes MAY choose to also specify the use of the

   "error_description" and "error_uri" parameters to return error information

   in a manner parallel to their usage in this specification.





                                                            -- Mike



P.S.  If you already have the text you wrote in a copy of the draft, you should apply these spelling corrections:

               desgined -> designed

               authentiction -> authentication



-----Original Message-----
From: Eran Hammer [mailto:eran@hueniverse.com]
Sent: Thursday, June 14, 2012 3:29 PM
To: Eran Hammer; Mike Jones; oauth@ietf.org WG (oauth@ietf.org)
Subject: RE: [OAUTH-WG] Section 7.2



Mike - if you want to add the other error parameters as suggestions, that would be fine by me.



EH



> -----Original Message-----

> From: oauth-bounces@ietf.org<mailto:oauth-bounces@ietf.org> [mailto:oauth-bounces@ietf.org]<mailto:[mailto:oauth-bounces@ietf.org]> On Behalf

> Of Eran Hammer

> Sent: Thursday, June 14, 2012 3:23 PM

> To: Mike Jones; oauth@ietf.org<mailto:oauth@ietf.org> WG (oauth@ietf.org<mailto:oauth@ietf.org>)

> Subject: Re: [OAUTH-WG] Section 7.2

>

> 7.2.  Error Response

>

>    If a resource access request fails, the resource server SHOULD inform

>    the client of the error.  While the specifics of such error responses

>    are beyond the scope of this specification, this documents establishes

>    a common registry for error values to be shared among OAuth token

>    authentication schemes.

>

>    New authentication schemes desgined primarily for OAuth token

>    authentiction SHOULD define a mechanism for providing an

>    error status code to the client, in which the error values allowed are

>    registered in the error registry established by this specification. Such

>    schemes MAY limit the set of valid error codes to a subset of the

>    registered values. If the error code is returned using a named parameter,

>    the parameter name SHOULD be "error".

>

>    Other schemes capable of being used for OAuth token authentication, but

>    not primarily designed for that purpose, MAY bind their error values to the

>    registry in the same manner.

>

> EH

>

> _______________________________________________

> OAuth mailing list

> OAuth@ietf.org<mailto:OAuth@ietf.org>

> https://www.ietf.org/mailman/listinfo/oauth

v2.23.0 | Report a Bug | By Email