Re: [OAUTH-WG] Error Registry Consensus Call

George Fletcher <gffletch@aol.com> Mon, 07 May 2012 23:56 UTC

Return-Path: <gffletch@aol.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4835B21F8533 for <oauth@ietfa.amsl.com>; Mon, 7 May 2012 16:56:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.484
X-Spam-Level:
X-Spam-Status: No, score=-1.484 tagged_above=-999 required=5 tests=[AWL=1.115, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MSv52PyFcCxj for <oauth@ietfa.amsl.com>; Mon, 7 May 2012 16:56:30 -0700 (PDT)
Received: from imr-da06.mx.aol.com (imr-da06.mx.aol.com [205.188.169.203]) by ietfa.amsl.com (Postfix) with ESMTP id 8AC5B21F8543 for <oauth@ietf.org>; Mon, 7 May 2012 16:56:30 -0700 (PDT)
Received: from mtaout-ma06.r1000.mx.aol.com (mtaout-ma06.r1000.mx.aol.com [172.29.41.6]) by imr-da06.mx.aol.com (8.14.1/8.14.1) with ESMTP id q47NuIsT019295; Mon, 7 May 2012 19:56:18 -0400
Received: from palantir.local (unknown [10.172.4.119]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mtaout-ma06.r1000.mx.aol.com (MUA/Third Party Client Interface) with ESMTPSA id 1D33CE0000BB; Mon, 7 May 2012 19:56:18 -0400 (EDT)
Message-ID: <4FA86121.80302@aol.com>
Date: Mon, 07 May 2012 19:56:17 -0400
From: George Fletcher <gffletch@aol.com>
Organization: AOL LLC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:12.0) Gecko/20120428 Thunderbird/12.0.1
MIME-Version: 1.0
To: Hannes Tschofenig <Hannes.Tschofenig@gmx.net>
References: <53E17703-C3BD-48A1-8CB6-BD0D3795DD77@gmx.net> <054E3D0C-8AFC-4585-8ED3-14348E25C4D0@ve7jtb.com>
In-Reply-To: <054E3D0C-8AFC-4585-8ED3-14348E25C4D0@ve7jtb.com>
Content-Type: multipart/alternative; boundary="------------060602060507020909070705"
x-aol-global-disposition: G
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mx.aol.com; s=20110426; t=1336434978; bh=ay/eEYPp9lbgxQwr0VO6at2R74IvdKN2WnqpmwsW3BI=; h=From:To:Subject:Message-ID:Date:MIME-Version:Content-Type; b=rcgO82X09JWM00/Pg/T4Qg3+uIsTxu1x6opWN8sheG3mf34XuWsA4L5Ut4ZpoSWTd RI63faZKvuIr+Bm22Jyl9OAQ1PimvAGBJ+VyW60EWW0svw041W27cQNTZ/XwDFxg98 vSgEUmr1wt3v2E8X70k0kbMVfaNMfTzysE7edTOY=
X-AOL-SCOLL-SCORE: 0:2:481294912:93952408
X-AOL-SCOLL-URL_COUNT: 0
x-aol-sid: 3039ac1d29064fa861223f16
X-AOL-IP: 10.172.4.119
Cc: "oauth@ietf.org WG" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Error Registry Consensus Call
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 May 2012 23:56:31 -0000

I agree that one registry is desired!

On 5/7/12 7:19 PM, John Bradley wrote:
> b)  Unless we remove the OAuth specific errors from bearer it should be in  oath-v2.
>
> One registry is preferable.
>
> John B.
> On 2012-05-07, at 6:48 PM, Hannes Tschofenig wrote:
>
>> Hi all,
>>
>> there is an open issue concerning draft-ietf-oauth-v2-bearer-19 that may impact draft-ietf-oauth-v2-26 (depending on it's resolution) and we would like to get feedback from the working group about it.
>>
>> Here is the issue: When a client makes an access to a protected resources then things may go wrong and an error may be returned in response. draft-ietf-oauth-v2-bearer talks about this behavior.
>>
>> That's great but these error codes need to be registered somewhere. Note that the registry can be created in one document while the values can be registered by many documents.
>>
>> So, where should the registry be?
>>
>> There are two choices.
>>
>> a) A new OAuth errors registry goes into draft-ietf-oauth-v2-bearer.
>>
>> b) draft-ietf-oauth-v2 expands the scope of the existing OAuth Errors registry to encompass errors returned from resource servers.
>>
>> Currently, draft-ietf-oauth-v2 creates registries for error codes only for the exchanges from A-to-D (symbols used from Figure 1 of draft-ietf-oauth-v2), but excludes registration of errors from flows E-F.
>>
>> We must create a registry for error codes from flows E-F.  In which document do we want to create this registry?
>>
>> So, give us your feedback whether you have a preference by the end of the week.
>>
>> Ciao
>> Hannes&  Derek
>>
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth