Re: [OAUTH-WG] Device profile draft
"Zeltsan, Zachary (Zachary)" <zachary.zeltsan@alcatel-lucent.com> Thu, 15 July 2010 20:36 UTC
Return-Path: <zachary.zeltsan@alcatel-lucent.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0492A3A6A30 for <oauth@core3.amsl.com>; Thu, 15 Jul 2010 13:36:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xZ+apjR8SPTQ for <oauth@core3.amsl.com>; Thu, 15 Jul 2010 13:36:11 -0700 (PDT)
Received: from ihemail4.lucent.com (ihemail4.lucent.com [135.245.0.39]) by core3.amsl.com (Postfix) with ESMTP id 94C983A67F5 for <oauth@ietf.org>; Thu, 15 Jul 2010 13:36:11 -0700 (PDT)
Received: from usnavsmail2.ndc.alcatel-lucent.com (usnavsmail2.ndc.alcatel-lucent.com [135.3.39.10]) by ihemail4.lucent.com (8.13.8/IER-o) with ESMTP id o6FKaJDn018037 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 15 Jul 2010 15:36:20 -0500 (CDT)
Received: from USNAVSXCHHUB03.ndc.alcatel-lucent.com (usnavsxchhub03.ndc.alcatel-lucent.com [135.3.39.112]) by usnavsmail2.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id o6FKaH6T016100; Thu, 15 Jul 2010 15:36:19 -0500
Received: from USNAVSXCHMBSA3.ndc.alcatel-lucent.com ([135.3.39.127]) by USNAVSXCHHUB03.ndc.alcatel-lucent.com ([135.3.39.112]) with mapi; Thu, 15 Jul 2010 15:36:19 -0500
From: "Zeltsan, Zachary (Zachary)" <zachary.zeltsan@alcatel-lucent.com>
To: 'David Recordon' <recordond@gmail.com>, OAuth WG <oauth@ietf.org>
Date: Thu, 15 Jul 2010 15:36:19 -0500
Thread-Topic: [OAUTH-WG] Device profile draft
Thread-Index: AcskVoMNXi14aszUS3Gm7rsoBCcFpQAAsJWg
Message-ID: <5710F82C0E73B04FA559560098BF95B124F9688DD4@USNAVSXCHMBSA3.ndc.alcatel-lucent.com>
References: <AANLkTimwAtY91GtsaUICsHNkh2a4zS0kJTbr6xs7W7lI@mail.gmail.com>
In-Reply-To: <AANLkTimwAtY91GtsaUICsHNkh2a4zS0kJTbr6xs7W7lI@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_5710F82C0E73B04FA559560098BF95B124F9688DD4USNAVSXCHMBSA_"
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.39
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.10
Cc: Jim Brusstar <jimbru@facebook.com>
Subject: Re: [OAUTH-WG] Device profile draft
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Jul 2010 20:36:17 -0000
Section 1.5:
"The client makes the following request at an arbitrary but reasonable
interval which MUST NOT exceed the minimum interval rate provided by
the authorization server (if present via the "interval" parameter)."
My understanding is that the intervals between the client's subsequent requests must not be less than the value provided by the "interval" parameter (if it is present). If that is correct than the intervals between the subsequent requests MUST exceed (or be equal to) the value of the "interval" parameter.
Section 1.4:
"interval
OPTIONAL. The minimum amount of time in seconds that the
client SHOULD wait between polling requests to the token
endpoint"
The definition uses the SHOULD requirement, while in section 1.5 the MUST requirement is used. Should not the requirement be the same in both places?
Zachary
________________________________
From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf Of David Recordon
Sent: Thursday, July 15, 2010 3:47 PM
To: OAuth WG
Cc: Jim Brusstar
Subject: [OAUTH-WG] Device profile draft
I've broken the device profile out of draft 06 so that it now lives in a separate document as an extension and have updated it to fit into the draft 10 structure. It defines a new "device endpoint" for the initial setup request where the client gets the two codes and URL. It then uses the existing token endpoint for polling for an access token.
Jim is currently working on an implementation of it and we're generally looking for feedback from implementors. The current polling mechanism hasn't been tested in production deployments so it's possible that it may change in future drafts. My goal is for this to become a working group draft.
http://github.com/daveman692/OAuth-2.0/raw/master/draft-recordon-oauth-v2-device-00.txt
Thanks!
--David
- [OAUTH-WG] Device profile draft David Recordon
- Re: [OAUTH-WG] Device profile draft George Fletcher
- Re: [OAUTH-WG] Device profile draft David Recordon
- Re: [OAUTH-WG] Device profile draft Zeltsan, Zachary (Zachary)
- Re: [OAUTH-WG] Device profile draft David Recordon
- Re: [OAUTH-WG] Device profile draft Michael D Adams
- Re: [OAUTH-WG] Device profile draft David Recordon
- Re: [OAUTH-WG] Device profile draft David Recordon