IETF Logo Mail Archive

[OAUTH-WG] Extension Mechanism

Nat Sakimura <sakimura@gmail.com> Tue, 08 June 2010 04:45 UTC

Return-Path: <sakimura@gmail.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 81BBC3A6959 for <oauth@core3.amsl.com>; Mon, 7 Jun 2010 21:45:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.973
X-Spam-Level:
X-Spam-Status: No, score=-0.973 tagged_above=-999 required=5 tests=[AWL=-0.975, BAYES_50=0.001, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BJCmA7QB94fD for <oauth@core3.amsl.com>; Mon, 7 Jun 2010 21:45:58 -0700 (PDT)
Received: from mail-iw0-f172.google.com (mail-iw0-f172.google.com [209.85.214.172]) by core3.amsl.com (Postfix) with ESMTP id DCD003A6955 for <oauth@ietf.org>; Mon, 7 Jun 2010 21:45:57 -0700 (PDT)
Received: by iwn42 with SMTP id 42so4224395iwn.31 for <oauth@ietf.org>; Mon, 07 Jun 2010 21:45:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type; bh=vny3EKu4j7txBDJcF2hXPbfwS09OcFt6cE08/6LvLRU=; b=SplAZ1R3j2QCX6IrxyL/a1R+fmGi9DmuGs6cZ4RzlGexdoVm1X/jfHMZS47Ov/NRaH vFDPMRlAi5Hvu7V1lp1Ol/x1Q5r3drfKZah3ghNYjvkbfoJGELzQGbuahJZ7WfxWidoE e2WAPzxtFsbtHkDgajbOPZptdVo1CWF9diZyw=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=vwiccLXOnZgnhz8j+o9gywLUzjoXFi8NNfbNlzkV2IUg/+PrFjvYTun56MLNvlxxc0 /1Y39tX0h1iHvsFTNH7T5BgpOsTaG4JPtNwUBsdmaazL+Uuw4T16posxZaOaKVdRY+3i GkmGhE+0p3EarFwv/GGHzJsINYXEoc3YaobgI=
MIME-Version: 1.0
Received: by 10.231.171.13 with SMTP id f13mr5673994ibz.103.1275972352760; Mon, 07 Jun 2010 21:45:52 -0700 (PDT)
Received: by 10.231.15.133 with HTTP; Mon, 7 Jun 2010 21:45:52 -0700 (PDT)
Date: Tue, 08 Jun 2010 13:45:52 +0900
Message-ID: <AANLkTik71Izx8JF0I24hp7Vwx8LnKGpoEDhQRq9TxMyE@mail.gmail.com>
From: Nat Sakimura <sakimura@gmail.com>
To: oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="001636c9246bd45abc04887d76b7"
Subject: [OAUTH-WG] Extension Mechanism
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Jun 2010 04:45:59 -0000

Defining an Extension Mechanism for both request and response would
generally be useful.

Some basic design principles:

- no name space through type URI: fixed registered string for extensions.
   e.g., for Open Graph, perhaps use og:variable_names OR og_variable names
    where either "og:" or "og_" is the type prefix. (I kind of prefer ":"
over "_" as
    a separator since in CGI "-" and "_" will be identical, and in PHP GPC
parameters
    "." and "_"  are identical. Also, we are using "_" in the variable names
already. )
- no cross interactions with other extensions

I think it should be added as Chapter 7 or so, which means Security
Considerations will be chapter 8.

Following is the straw-man.

7. Extension Mechanism

Additional parameters MAY be defined for any request and response.
The parameter names MUST start with a parameter prefix separated by a colon
":".

For example:

pape:max_auth_age

Each extension MUST define its own error messages and MUST return them
through
the prefixed "error" parameter.

For example:

"pape:error":"Invalid max_auth_age format."


cheers,

Nat






-- 
Nat Sakimura (=nat)
http://www.sakimura.org/en/
http://twitter.com/_nat_en

v2.23.0 | Report a Bug | By Email