Re: [OAUTH-WG] Section 7.2
William Mills <wmills@yahoo-inc.com> Fri, 15 June 2012 18:06 UTC
Return-Path: <wmills@yahoo-inc.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 94B2221F856F for <oauth@ietfa.amsl.com>; Fri, 15 Jun 2012 11:06:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.518
X-Spam-Level:
X-Spam-Status: No, score=-17.518 tagged_above=-999 required=5 tests=[AWL=0.080, BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_DEF_WHITELIST=-15]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y6jVgtYJuLrZ for <oauth@ietfa.amsl.com>; Fri, 15 Jun 2012 11:06:18 -0700 (PDT)
Received: from nm5-vm1.bullet.mail.ne1.yahoo.com (nm5-vm1.bullet.mail.ne1.yahoo.com [98.138.91.32]) by ietfa.amsl.com (Postfix) with SMTP id 39BFF21F851A for <oauth@ietf.org>; Fri, 15 Jun 2012 11:06:17 -0700 (PDT)
Received: from [98.138.90.56] by nm5.bullet.mail.ne1.yahoo.com with NNFMP; 15 Jun 2012 18:06:15 -0000
Received: from [98.138.89.240] by tm9.bullet.mail.ne1.yahoo.com with NNFMP; 15 Jun 2012 18:06:14 -0000
Received: from [127.0.0.1] by omp1013.mail.ne1.yahoo.com with NNFMP; 15 Jun 2012 18:06:14 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 758814.75006.bm@omp1013.mail.ne1.yahoo.com
Received: (qmail 19043 invoked by uid 60001); 15 Jun 2012 18:06:14 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo-inc.com; s=ginc1024; t=1339783574; bh=YxnwbMjQdhNKMoUidtPiCspbAXLEBcxw9rXPyyLKl/Q=; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=ad/7aFb6N8/UdiklyrRLM09gIBThlNgnU8S7XOjJJO40ZX0ALL5S0SNeMneN38Zv0i/9ns1IHaQon0oosZh/0hLN1lqQ1iqd0P+iHoiQn2PNgmbsOmvsFDWuUHtLCV33NnHiKlo8rQzd9Fy4AcKlt2xfGj/P31wCG3m+xsGto+g=
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=ginc1024; d=yahoo-inc.com; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=CMDxNJ27p9jIqXVCkAvju8XSWkn+xwbse/vkeUa0LuPlW6bxw9i/mkCth9vLal+bUfhT9uXb3ADW0/PyWjE1nuogwfBYwbedJn+bJWpXefoFcvb7sAe+r6XwJKzJIeGL8JxGWVLQDsBAQ3Zps+3I3OEX56JuXBDNtI/48oWpnLA=;
X-YMail-OSG: VKbQl1cVM1kkL3z8R_x1HD3BnxYizXfuL3uuRTE7YqdsZ9M cUu7kz29tgmd.XfYycqLZGc_QJBiD2eGCFWrYLNld4xSm2k7y_fWW8wRpYBt Cte35YfgbOzQdCnXzVKEciiDpYkioYvsxVSLs9W2i4a22ajbXNLJv.LzlcyD dO5HnNl28euX8G5tS0IQRGev2R5sVkg7Uubpr3c41saAHO_oBr51D6s9TDwL ojxOwIYtGfK_FtNMYGLbI8ZPiRXeVIecYZxWtjitBoa9jKsZI6U_HfHexqDc BTqwzCyJRNXocJ3Tc.tyx_ZKeS1JaRLQ82LiinsWNp39ZT1ckE0wO4SULUmG OV6GyuvhxHUz1pL6sf_wAoTUNlNrPx3n31QMZyFJNte0VheOmFiyZjKGy5ha yjLvbhJVNZXyaL50Co2vfxpxUEWRyoj0Ep1UY2i7ZTeVyPu_UdPw-
Received: from [209.131.62.115] by web31812.mail.mud.yahoo.com via HTTP; Fri, 15 Jun 2012 11:06:14 PDT
X-RocketYMMF: william_john_mills
X-Mailer: YahooMailWebService/0.8.120.356233
References: <0CBAEB56DDB3A140BA8E8C124C04ECA201073394@P3PWEX2MB008.ex2.secureserver.net> <4E1F6AAD24975D4BA5B1680429673943665394D7@TK5EX14MBXC284.redmond.corp.microsoft.com> <0CBAEB56DDB3A140BA8E8C124C04ECA2010734C5@P3PWEX2MB008.ex2.secureserver.net> <0CBAEB56DDB3A140BA8E8C124C04ECA201073573@P3PWEX2MB008.ex2.secureserver.net> <4E1F6AAD24975D4BA5B168042967394366539839@TK5EX14MBXC284.redmond.corp.microsoft.com> <0CBAEB56DDB3A140BA8E8C124C04ECA201073B82@P3PWEX2MB008.ex2.secureserver.net>
Message-ID: <1339783574.11702.YahooMailNeo@web31812.mail.mud.yahoo.com>
Date: Fri, 15 Jun 2012 11:06:14 -0700
From: William Mills <wmills@yahoo-inc.com>
To: Eran Hammer <eran@hueniverse.com>, Mike Jones <Michael.Jones@microsoft.com>, "oauth@ietf.org WG (oauth@ietf.org)" <oauth@ietf.org>
In-Reply-To: <0CBAEB56DDB3A140BA8E8C124C04ECA201073B82@P3PWEX2MB008.ex2.secureserver.net>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="1458549034-42515180-1339783574=:11702"
Subject: Re: [OAUTH-WG] Section 7.2
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: William Mills <wmills@yahoo-inc.com>
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Jun 2012 18:06:19 -0000
+1 >________________________________ > From: Eran Hammer <eran@hueniverse.com> >To: Mike Jones <Michael.Jones@microsoft.com>; "oauth@ietf.org WG (oauth@ietf.org)" <oauth@ietf.org> >Sent: Thursday, June 14, 2012 11:32 PM >Subject: Re: [OAUTH-WG] Section 7.2 > > > >WFM. > >This will be the new text for 7.2 unless someone has any additional feedback or concerns. > >This closes my issue with the new error registry changes. > >EH > >From:Mike Jones [mailto:Michael.Jones@microsoft.com] >Sent: Thursday, June 14, 2012 6:15 PM >To: Eran Hammer; oauth@ietf.org WG (oauth@ietf.org) >Subject: RE: [OAUTH-WG] Section 7.2 > >Thanks for writing the text below. It looks fine to me. About adding the other error parameters as suggestions, that seems like a reasonable thing to do. How about the text at the end below, which adds mentions of error_description and error_uri? > >7.2. Error Response > > If a resource access request fails, the resource server SHOULD inform > the client of the error. While the specifics of such error responses > are beyond the scope of this specification, this documents establishes > a common registry for error values to be shared among OAuth token > authentication schemes. > > New authentication schemes designed primarily for OAuth token > authentication SHOULD define a mechanism for providing an > error status code to the client, in which the error values allowed are > registered in the error registry established by this specification. Such > schemes MAY limit the set of valid error codes to a subset of the > registered values. If the error code is returned using a named parameter, > the parameter name SHOULD be "error". > > Other schemes capable of being used for OAuth token authentication, but > not primarily designed for that purpose, MAY bind their error values to the > registry in the same manner. > > New authentication schemes MAY choose to also specify the use of the > "error_description" and "error_uri" parameters to return error information > in a manner parallel to their usage in this specification. > > > -- Mike > >P.S. If you already have the text you wrote in a copy of the draft, you should apply these spelling corrections: > desgined -> designed > authentiction -> authentication > >-----Original Message----- >From: Eran Hammer [mailto:eran@hueniverse.com] >Sent: Thursday, June 14, 2012 3:29 PM >To: Eran Hammer; Mike Jones; oauth@ietf.org WG (oauth@ietf.org) >Subject: RE: [OAUTH-WG] Section 7.2 > >Mike - if you want to add the other error parameters as suggestions, that would be fine by me. > >EH > >> -----Original Message----- >> From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf >> Of Eran Hammer >> Sent: Thursday, June 14, 2012 3:23 PM >> To: Mike Jones; oauth@ietf.org WG (oauth@ietf.org) >> Subject: Re: [OAUTH-WG] Section 7.2 >> >> 7.2. Error Response >> >> If a resource access request fails, the resource server SHOULD inform >> the client of the error. While the specifics of such error responses >> are beyond the scope of this specification, this documents establishes >> a common registry for error values to be shared among OAuth token >> authentication schemes. >> >> New authentication schemes desgined primarily for OAuth token >> authentiction SHOULD define a mechanism for providing an >> error status code to the client, in which the error values allowed are >> registered in the error registry established by this specification. Such >> schemes MAY limit the set of valid error codes to a subset of the >> registered values. If the error code is returned using a named parameter, >> the parameter name SHOULD be "error". >> >> Other schemes capable of being used for OAuth token authentication, but >> not primarily designed for that purpose, MAY bind their error values to the >> registry in the same manner. >> >> EH >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth > >_______________________________________________ >OAuth mailing list >OAuth@ietf.org >https://www.ietf.org/mailman/listinfo/oauth > > >
- Re: [OAUTH-WG] Section 7.2 Mike Jones
- [OAUTH-WG] Section 7.2 Eran Hammer
- Re: [OAUTH-WG] Section 7.2 Eran Hammer
- Re: [OAUTH-WG] Section 7.2 Eran Hammer
- Re: [OAUTH-WG] Section 7.2 Mike Jones
- Re: [OAUTH-WG] Section 7.2 Eran Hammer
- Re: [OAUTH-WG] Section 7.2 William Mills
- Re: [OAUTH-WG] Section 7.2 Hannes Tschofenig
- Re: [OAUTH-WG] Section 7.2 Mike Jones
- Re: [OAUTH-WG] Section 7.2 Mike Jones
- Re: [OAUTH-WG] Section 7.2 Eran Hammer
- Re: [OAUTH-WG] Section 7.2 Mike Jones
- Re: [OAUTH-WG] Section 7.2 Hannes Tschofenig
- Re: [OAUTH-WG] Section 7.2 Eran Hammer