Re: [OAUTH-WG] Question related Implicit Grant Type

William Mills <wmills@yahoo-inc.com> Mon, 30 January 2012 04:36 UTC

Return-Path: <wmills@yahoo-inc.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 93EF621F8528 for <oauth@ietfa.amsl.com>; Sun, 29 Jan 2012 20:36:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.18
X-Spam-Level:
X-Spam-Status: No, score=-16.18 tagged_above=-999 required=5 tests=[AWL=-1.182, BAYES_50=0.001, HTML_MESSAGE=0.001, USER_IN_DEF_WHITELIST=-15]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jvBOLmwcoD5R for <oauth@ietfa.amsl.com>; Sun, 29 Jan 2012 20:36:36 -0800 (PST)
Received: from nm14-vm0.bullet.mail.ac4.yahoo.com (nm14-vm0.bullet.mail.ac4.yahoo.com [98.139.52.234]) by ietfa.amsl.com (Postfix) with SMTP id B320321F850F for <oauth@ietf.org>; Sun, 29 Jan 2012 20:36:36 -0800 (PST)
Received: from [98.139.52.196] by nm14.bullet.mail.ac4.yahoo.com with NNFMP; 30 Jan 2012 04:36:32 -0000
Received: from [98.139.52.165] by tm9.bullet.mail.ac4.yahoo.com with NNFMP; 30 Jan 2012 04:36:32 -0000
Received: from [127.0.0.1] by omp1048.mail.ac4.yahoo.com with NNFMP; 30 Jan 2012 04:36:32 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 665859.83395.bm@omp1048.mail.ac4.yahoo.com
Received: (qmail 85542 invoked by uid 60001); 30 Jan 2012 04:36:32 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo-inc.com; s=ginc1024; t=1327898189; bh=W/s+CjTvxAySxRK0hQqBphqdjLS2XrKR5jisJh73bic=; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=WDiRwjYgdckWyi/Y41tsmky6qTB/K9IzfJvS6B5mqytBcgwhpfds4oSI6a+oRawAYOL7HfzCK+wIvRb2MmqpBJbxwZjZ7lxQTmygTmWf3Cs9iuCUprosprbm06GByItcTyXGpk+rmvwUPdVyrTa6wFEJaUMkAUcHN9Z0VRbK8jg=
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=ginc1024; d=yahoo-inc.com; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=m0ArCPupem7taosXvEW50umy9lKPa7vQXikWtpyAHHwGz+TgUPWU1jmqGbJdZUx4FB2z35Fex2r9JcL4TjNZrxf0RoPRRHys92hBiiztHUh2HC5G0mhqClxKWLO+MMqEiqFyhPLgxegrSfUdxk5SFCCBamJKAZqI9wzN8o73sxs=;
X-YMail-OSG: E.sseZYVM1kyV7J.I3bxVLLAKcCoIUJI_4tY9i.GzWlQ85a cYQQRPjdDISFfRHTwOFHTnj_FnjklTVXm_SX8xKxcgbqf_8kF7EZswaz.gZT 9Aqw96POJQmbyPKlXeox276OkQduKwHqI5ftlH9TeujKZfp5Fn7H8Ynq9QAW 7hpRApSxpdvb8RuLKqT0pg5xpaOMZo2IqQwY7bebJwE.ysAkiNgOa3y.1Dj7 iLYOS9yVveNZ5eLBQzTkE7SBPuzM9JwpwzjoHFfosJlOSKsgFsiO.DjLi.pt LIOBd865t3dUEOzZ2nKdd12jphdg3W42K0mKusgsJM1sOiDkXtb1nD8Sb40K ZY7lPypYEig0wCKKs6w6YeFU29G5SZ6tFQVX5WqkyfbWw4BVh8R7GQeM2Z5w SDSVhQilr6pLEwpk4dS.8WRGFu_mS
Received: from [99.31.212.42] by web31808.mail.mud.yahoo.com via HTTP; Sun, 29 Jan 2012 20:36:29 PST
X-RocketYMMF: william_john_mills
X-Mailer: YahooMailWebService/0.8.116.338427
References: <CAD-drXt1_EJ3yQZ5wFdAXZV2K-a8qUxHNJyx46gyb9qurAqmNw@mail.gmail.com>
Message-ID: <1327898189.84945.YahooMailNeo@web31808.mail.mud.yahoo.com>
Date: Sun, 29 Jan 2012 20:36:29 -0800
From: William Mills <wmills@yahoo-inc.com>
To: Security Developer <security.developer22@gmail.com>, "OAuth@ietf.org" <OAuth@ietf.org>
In-Reply-To: <CAD-drXt1_EJ3yQZ5wFdAXZV2K-a8qUxHNJyx46gyb9qurAqmNw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="258328648-1591626533-1327898189=:84945"
Subject: Re: [OAUTH-WG] Question related Implicit Grant Type
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: William Mills <wmills@yahoo-inc.com>
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Jan 2012 04:36:37 -0000

There are a couple of cases where you could have a much simpler API than HTTP, implicit is one of those.  All in all though it's easier to leave everything under the same rules, instead of having to define a new protocol for thing like implicit.

I think that answers your question?

-bill



________________________________
 From: Security Developer <security.developer22@gmail.com>
To: OAuth@ietf.org 
Sent: Sunday, January 29, 2012 3:25 AM
Subject: [OAUTH-WG] Question related Implicit Grant Type
 

Hi,

My question is, why web hosted resource is needed to extract the access token?

Thanks for your time.

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth