[OAUTH-WG] Typos and language in -21
Niv Steingarten <nivstein@gmail.com> Mon, 12 September 2011 20:59 UTC
Return-Path: <nivstein@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D096421F8E34 for <oauth@ietfa.amsl.com>; Mon, 12 Sep 2011 13:59:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.584
X-Spam-Level:
X-Spam-Status: No, score=-3.584 tagged_above=-999 required=5 tests=[AWL=0.015, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id opZfZ1Lbl2VA for <oauth@ietfa.amsl.com>; Mon, 12 Sep 2011 13:59:04 -0700 (PDT)
Received: from mail-qy0-f172.google.com (mail-qy0-f172.google.com [209.85.216.172]) by ietfa.amsl.com (Postfix) with ESMTP id 3291221F8E26 for <oauth@ietf.org>; Mon, 12 Sep 2011 13:59:04 -0700 (PDT)
Received: by qyk32 with SMTP id 32so2162731qyk.10 for <oauth@ietf.org>; Mon, 12 Sep 2011 14:01:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:from:date:message-id:subject:to:content-type; bh=0Tdep8PXbUVL8WOYtvgaPk9+wNkosm8QoZqKODI8jGY=; b=U6gCtkTgYB4k/4TM3lG5uGUgqgvG2qcBOCw1cbm08jp4U0exVJaRB5gOW2TkUfJAZF QJniG85J9oKuPElgxtWOnn26FsgsR2+Dn3gSajtXZAXPXXB47pq6R8PIBYOxjt9j+5Xm 0wuKpBMVyWfBF9zMzzOAiAs7OgPS4g4ALgHaE=
Received: by 10.52.65.242 with SMTP id a18mr2300614vdt.341.1315861268067; Mon, 12 Sep 2011 14:01:08 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.52.29.207 with HTTP; Mon, 12 Sep 2011 14:00:48 -0700 (PDT)
From: Niv Steingarten <nivstein@gmail.com>
Date: Tue, 13 Sep 2011 00:00:48 +0300
Message-ID: <CACEVmuohcOT1Y84Z0c0-t03gKK3_n_MwaxVkpF77AAeRoRar3g@mail.gmail.com>
To: OAuth WG <oauth@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Subject: [OAUTH-WG] Typos and language in -21
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Sep 2011 20:59:04 -0000
In section 10.12 (CSRF):
5th paragraph: "A CSRF attack against the against the authorization
server's authorization endpoint"
One "against the" is redundant.
4th paragraph: "The binding value enables the client to validate the
validity of the request by matching the binding value to the
user-agent's authenticated state."
The phrase "validate the validity of the request" sounds a bit
awkward in my opinion. I'd personally go with either "establish the
validity of the request" or simply "validate the request".
-- Niv
- [OAUTH-WG] Typos and language in -21 Niv Steingarten
- Re: [OAUTH-WG] Typos and language in -21 Eran Hammer-Lahav