Re: [OAUTH-WG] AD review of -22
Eran Hammer-Lahav <eran@hueniverse.com> Wed, 02 November 2011 20:52 UTC
Return-Path: <eran@hueniverse.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7CC8D11E811F for <oauth@ietfa.amsl.com>; Wed, 2 Nov 2011 13:52:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.514
X-Spam-Level:
X-Spam-Status: No, score=-2.514 tagged_above=-999 required=5 tests=[AWL=0.085, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gasp3AUmPcq1 for <oauth@ietfa.amsl.com>; Wed, 2 Nov 2011 13:52:03 -0700 (PDT)
Received: from p3plex1out02.prod.phx3.secureserver.net (p3plex1out02.prod.phx3.secureserver.net [72.167.180.18]) by ietfa.amsl.com (Postfix) with SMTP id 0E1A611E80BC for <oauth@ietf.org>; Wed, 2 Nov 2011 13:52:03 -0700 (PDT)
Received: (qmail 11536 invoked from network); 2 Nov 2011 20:52:01 -0000
Received: from unknown (HELO smtp.ex1.secureserver.net) (72.167.180.19) by p3plex1out02.prod.phx3.secureserver.net with SMTP; 2 Nov 2011 20:52:01 -0000
Received: from P3PW5EX1MB01.EX1.SECURESERVER.NET ([10.6.135.19]) by P3PW5EX1HT001.EX1.SECURESERVER.NET ([72.167.180.19]) with mapi; Wed, 2 Nov 2011 13:51:45 -0700
From: Eran Hammer-Lahav <eran@hueniverse.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, John Bradley <ve7jtb@ve7jtb.com>
Date: Wed, 02 Nov 2011 13:47:01 -0700
Thread-Topic: [OAUTH-WG] AD review of -22
Thread-Index: AcyZoGRZCGPlMCtnQJy2LGe5ycIipwAAC3Hb
Message-ID: <90C41DD21FB7C64BB94121FBBC2E72345263321026@P3PW5EX1MB01.EX1.SECURESERVER.NET>
References: <4E971C36.7050000@cs.tcd.ie> <4EB19DD1.6050904@lodderstedt.net>, <5E3E5DFE-C122-4D89-9578-61A6C16EBD76@ve7jtb.com> <90C41DD21FB7C64BB94121FBBC2E72345263321025@P3PW5EX1MB01.EX1.SECURESERVER.NET> <F5B0E1D6-2377-4487-8D23-8E55CCABB260@ve7jtb.com>, <4EB1ABDF.4030509@cs.tcd.ie>
In-Reply-To: <4EB1ABDF.4030509@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] AD review of -22
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Nov 2011 20:52:03 -0000
The problem is centered on the definition of a client. If it is a service specific implementation which is merely using OAuth for access, there isn't any interop requirements other than making sure the client and server are compatible. But if the client is a general purpose OAuth library or generic client (e.g. CURL), then the MTI becomes critical for any real interop. I don't have a strong prefernece here, but we should clearly define the client characteristics in this discussion since an OAuth client isn't usually similar to an HTTP client in its interop reality. I am not sure how to craft this language into spec form, but we might want to list such a MTI requirement in terms of a 'client designed to work across multiuple providers such as a general purpose library'. EHL ________________________________________ From: Stephen Farrell [stephen.farrell@cs.tcd.ie] Sent: Wednesday, November 02, 2011 1:45 PM To: John Bradley Cc: Eran Hammer-Lahav; oauth@ietf.org Subject: Re: [OAUTH-WG] AD review of -22 So perhaps this is the interesting point of difference. On 11/02/2011 08:37 PM, John Bradley wrote: > It is up to the server to decide what formats it will support. With IETF protocols, its IETF consensus that decides this in almost all cases that affect interop and it is therefore not up to the specific server deployment admin what the server code will support. I think this case affects interop. and should be treated as for any other IETF protocol. Am I wrong? S
- [OAUTH-WG] AD review of -22 Stephen Farrell
- Re: [OAUTH-WG] AD review of -22 Eran Hammer-Lahav
- Re: [OAUTH-WG] AD review of -22 Torsten Lodderstedt
- Re: [OAUTH-WG] AD review of -22 John Bradley
- Re: [OAUTH-WG] AD review of -22 Eran Hammer-Lahav
- Re: [OAUTH-WG] AD review of -22 Phil Hunt
- Re: [OAUTH-WG] AD review of -22 Justin Richer
- Re: [OAUTH-WG] AD review of -22 Stephen Farrell
- Re: [OAUTH-WG] AD review of -22 Mike Jones
- Re: [OAUTH-WG] AD review of -22 Stephen Farrell
- Re: [OAUTH-WG] AD review of -22 John Bradley
- Re: [OAUTH-WG] AD review of -22 Phillip Hunt
- Re: [OAUTH-WG] AD review of -22 Stephen Farrell
- Re: [OAUTH-WG] AD review of -22 Torsten Lodderstedt
- Re: [OAUTH-WG] AD review of -22 Eran Hammer-Lahav
- Re: [OAUTH-WG] AD review of -22 John Bradley
- Re: [OAUTH-WG] AD review of -22 André DeMarre
- Re: [OAUTH-WG] AD review of -22 William Mills
- Re: [OAUTH-WG] AD review of -22 Justin Richer
- Re: [OAUTH-WG] AD review of -22 Eran Hammer-Lahav
- Re: [OAUTH-WG] AD review of -22 Phil Hunt
- Re: [OAUTH-WG] AD review of -22 Michael Thomas
- Re: [OAUTH-WG] AD review of -22 William Mills