Re: [OAUTH-WG] Preliminary OAuth Core draft -29
Mike Jones <Michael.Jones@microsoft.com> Thu, 12 July 2012 14:45 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 76FFD21F879A for <oauth@ietfa.amsl.com>; Thu, 12 Jul 2012 07:45:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.79
X-Spam-Level:
X-Spam-Status: No, score=-3.79 tagged_above=-999 required=5 tests=[AWL=-0.191, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id McrjLl2IRvIo for <oauth@ietfa.amsl.com>; Thu, 12 Jul 2012 07:45:52 -0700 (PDT)
Received: from am1outboundpool.messaging.microsoft.com (am1ehsobe006.messaging.microsoft.com [213.199.154.209]) by ietfa.amsl.com (Postfix) with ESMTP id 2548F21F8759 for <oauth@ietf.org>; Thu, 12 Jul 2012 07:45:52 -0700 (PDT)
Received: from mail109-am1-R.bigfish.com (10.3.201.247) by AM1EHSOBE003.bigfish.com (10.3.204.23) with Microsoft SMTP Server id 14.1.225.23; Thu, 12 Jul 2012 14:46:22 +0000
Received: from mail109-am1 (localhost [127.0.0.1]) by mail109-am1-R.bigfish.com (Postfix) with ESMTP id B105A3A04AD; Thu, 12 Jul 2012 14:46:22 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14HUBC106.redmond.corp.microsoft.com; RD:none; EFVD:NLI
X-SpamScore: -30
X-BigFish: VS-30(zz98dI9371I936eI542M1432I4015Izz1202hzz1033IL8275dhz2fh2a8h668h839h944hd25hf0ah107ah)
Received-SPF: pass (mail109-am1: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=Michael.Jones@microsoft.com; helo=TK5EX14HUBC106.redmond.corp.microsoft.com ; icrosoft.com ;
Received: from mail109-am1 (localhost.localdomain [127.0.0.1]) by mail109-am1 (MessageSwitch) id 1342104381542122_29006; Thu, 12 Jul 2012 14:46:21 +0000 (UTC)
Received: from AM1EHSMHS012.bigfish.com (unknown [10.3.201.254]) by mail109-am1.bigfish.com (Postfix) with ESMTP id 7898140004E; Thu, 12 Jul 2012 14:46:21 +0000 (UTC)
Received: from TK5EX14HUBC106.redmond.corp.microsoft.com (131.107.125.8) by AM1EHSMHS012.bigfish.com (10.3.207.112) with Microsoft SMTP Server (TLS) id 14.1.225.23; Thu, 12 Jul 2012 14:46:20 +0000
Received: from TK5EX14MBXC284.redmond.corp.microsoft.com ([169.254.1.142]) by TK5EX14HUBC106.redmond.corp.microsoft.com ([157.54.80.61]) with mapi id 14.02.0309.003; Thu, 12 Jul 2012 14:46:13 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Julian Reschke <julian.reschke@gmx.de>
Thread-Topic: [OAUTH-WG] Preliminary OAuth Core draft -29
Thread-Index: Ac1doaVzn0rH3CgzRNqCMkZEFAvQfwAONTcAAAFQgLAAAP+GgACJPrQAAA0VsXA=
Date: Thu, 12 Jul 2012 14:46:13 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739436658DC1D@TK5EX14MBXC284.redmond.corp.microsoft.com>
References: <4E1F6AAD24975D4BA5B16804296739436657C93A@TK5EX14MBXC283.redmond.corp.microsoft.com> <4FFAE2C8.5000109@gmx.de> <4E1F6AAD24975D4BA5B16804296739436657CE30@TK5EX14MBXC283.redmond.corp.microsoft.com> <4FFAF24D.5050805@gmx.de> <4FFE8B56.6030306@gmx.de>
In-Reply-To: <4FFE8B56.6030306@gmx.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.32]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Preliminary OAuth Core draft -29
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Jul 2012 14:45:53 -0000
Thanks, Julian. Dick and I will integrate this into the draft. -- Mike -----Original Message----- From: Julian Reschke [mailto:julian.reschke@gmx.de] Sent: Thursday, July 12, 2012 1:31 AM To: Mike Jones Cc: oauth@ietf.org Subject: Re: [OAUTH-WG] Preliminary OAuth Core draft -29 On 2012-07-09 17:01, Julian Reschke wrote: > On 2012-07-09 16:48, Mike Jones wrote: >> HTML5 is not cited because it's a working draft - not an approved >> standard. In what way is "the definition of the media type in HTML4 >> is known to be insufficient"? People have been successfully >> implementing form-urlencoding with it for quite some time. :-) Is >> there a specific wording change that you'd suggest that we make that >> doesn't involve citing a working draft, rather than an approved standard? > > For instance, the HTML4 "definition" doesn't even mention what to do > with non-ASCII characters. > > I understand that it's not particularly attractive, but citing HTML4 > just because it's a "standard" isn't really helpful for people who > actually follow the link and try to understand what needs to be > implemented. > ... Here's an attempt to describe the encoding in terms of HTML4, plus additional instruction. This would need to be referenced anyway where the spec currently refers to the HTML4 media type definition: -- snip -- Appendix X. Use of the application/x-www-form-urlencoded Media Type At the time of publication of this specification, the "application/x-www-form-urlencoded" media type was defined in Section 17.13.4 of [HTML4], but not registered in the IANA media types registry (<http://www.iana.org/assignments/media-types/index.html>). Furthermore, the definition is incomplete as it does not consider non-US-ASCII characters. To address this shortcoming, when generating payloads using this media type, names and values MUST be encoded using the "UTF-8" character encoding scheme ([RFC3629]) first; the resulting octet sequence then needs to be further encoded using the escaping rules defined in [HTML4]. When parsing data from a payload using this media type, the names and values resulting from reversing the name/value encoding consequently need to be treated as octet sequences, to be decoded using the "UTF-8" character encoding scheme. Example: A value consisting of the six Unicode code points (1) U+0020 (SPACE), (2) U+0025 (PERCENT SIGN), (3) U+0026 (AMPERSAND), (4) U+002B (PLUS SIGN), (5) U+00A3 (POUND SIGN), and (6) U+20AC (EURO SIGN) would be encoded into the octet sequence below (using hexadecimal notation): 20 25 26 2B C2 A3 E2 82 AC and then represented in the payload as: +%25%26%2B%C2%A3%E2%82%AC -- snip -- Best regards, Julian
- [OAUTH-WG] Preliminary OAuth Core draft -29 Mike Jones
- Re: [OAUTH-WG] Preliminary OAuth Core draft -29 Julian Reschke
- Re: [OAUTH-WG] Preliminary OAuth Core draft -29 Julian Reschke
- Re: [OAUTH-WG] Preliminary OAuth Core draft -29 Mike Jones
- Re: [OAUTH-WG] Preliminary OAuth Core draft -29 Julian Reschke
- Re: [OAUTH-WG] Preliminary OAuth Core draft -29 Mike Jones
- Re: [OAUTH-WG] Preliminary OAuth Core draft -29 John Bradley
- Re: [OAUTH-WG] Preliminary OAuth Core draft -29 Julian Reschke
- Re: [OAUTH-WG] Preliminary OAuth Core draft -29 Mike Jones
- Re: [OAUTH-WG] Preliminary OAuth Core draft -29 Dick Hardt
- Re: [OAUTH-WG] Preliminary OAuth Core draft -29 Justin Richer
- Re: [OAUTH-WG] Preliminary OAuth Core draft -29 Dick Hardt
- Re: [OAUTH-WG] Preliminary OAuth Core draft -29 Julian Reschke
- Re: [OAUTH-WG] Preliminary OAuth Core draft -29 Mike Jones
- Re: [OAUTH-WG] Preliminary OAuth Core draft -29 Dick Hardt