Re: [OAUTH-WG] Encoding of Errors in the Base and in the Bearer Spec
Nat Sakimura <sakimura@gmail.com> Wed, 09 May 2012 22:59 UTC
Return-Path: <sakimura@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F12A11E80D1 for <oauth@ietfa.amsl.com>; Wed, 9 May 2012 15:59:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.598
X-Spam-Level:
X-Spam-Status: No, score=-3.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KKxgmYvEqnoj for <oauth@ietfa.amsl.com>; Wed, 9 May 2012 15:59:33 -0700 (PDT)
Received: from mail-bk0-f44.google.com (mail-bk0-f44.google.com [209.85.214.44]) by ietfa.amsl.com (Postfix) with ESMTP id 5BC3611E8086 for <oauth@ietf.org>; Wed, 9 May 2012 15:59:33 -0700 (PDT)
Received: by bkty8 with SMTP id y8so859691bkt.31 for <oauth@ietf.org>; Wed, 09 May 2012 15:59:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=references:from:in-reply-to:mime-version:date:message-id:subject:to :cc:content-type; bh=YbgzlAu8RONvaq+s9ReorW/It2IYsmiqa7b7bHL0STY=; b=Ikf9HzwWl+tDcrbH+UxttC3kcoH6dcLcQYrYAQDNQrX8L3MgT0vI3GrTiSxV2Y6Eso vtkuENRgv2fkiPUHVTew/JJ+G+UzcrxadKT1hr69iO4OgSmzXFvElQPWdQpw0Bh5Ish6 0klymTI7wXJJ7gYL8t9qaT2Bg5IdA3iTFhAkvKqmH8nvRUDJgxwsP+jl4LM2yZG25QUE TvGK2Y+593NtQX9oAHZne5HvF7W2MmAyN135vcnpi4vUdOa3SnRoQazjL8Mr7RqxDCW8 HSwK03hG7Wo0t1Bs7Aln4r77hRYHOzPpe69PlKXWDoc957S05u7m+mKviaT/mwMo4je8 OHiw==
Received: by 10.204.151.200 with SMTP id d8mr769281bkw.82.1336604372288; Wed, 09 May 2012 15:59:32 -0700 (PDT)
References: <7D98C51F-84D8-48AA-B94D-EABE4D0921DB@gmx.net> <4E1F6AAD24975D4BA5B1680429673943664CE2AE@TK5EX14MBXC283.redmond.corp.microsoft.com> <1336601896.10694.YahooMailNeo@web31807.mail.mud.yahoo.com>
From: Nat Sakimura <sakimura@gmail.com>
In-Reply-To: <1336601896.10694.YahooMailNeo@web31807.mail.mud.yahoo.com>
Mime-Version: 1.0 (1.0)
Date: Thu, 10 May 2012 00:59:35 +0200
Message-ID: <513620288134878108@unknownmsgid>
To: William Mills <wmills@yahoo-inc.com>
Content-Type: multipart/alternative; boundary="0015175cba84d0c67604bfa2741c"
Cc: "oauth@ietf.org WG" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Encoding of Errors in the Base and in the Bearer Spec
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 May 2012 22:59:34 -0000
+1 for the consistency. Nat Sakimura On 2012/05/10, at 0:18, William Mills <wmills@yahoo-inc.com> wrote: +1 ------------------------------ *From:* Mike Jones <Michael.Jones@microsoft.com> *To:* Hannes Tschofenig <hannes.tschofenig@gmx.net>; "oauth@ietf.org WG" < oauth@ietf.org> *Sent:* Wednesday, May 9, 2012 3:15 PM *Subject:* Re: [OAUTH-WG] Encoding of Errors in the Base and in the Bearer Spec 2) Consistent syntax across both OAuth specs. -- Mike -----Original Message----- From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf Of Hannes Tschofenig Sent: Wednesday, May 09, 2012 3:07 PM To: oauth@ietf.org WG Subject: [OAUTH-WG] Encoding of Errors in the Base and in the Bearer Spec Hi all, another issue that came up in Sean's IESG review was about the encoding of the error / error_description / error_uri in the base and in the bearer specification. As mentioned in my earlier mail about the registry for the error codes there are three error fields defined in the two specification and the error / error_description / error_uri fields are allowed to appear in different parts of an HTTP message. Depending on where they show up different encoding restrictions apply. For the core specification these error fields may appear in the * body of the HTTP message (encoded in JSON) * parameters to the query component of the redirection URI (using the "application/x-www-form-urlencoded" format) For the bearer specification these error fields appear in the HTTP header. Consequently, http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-19 says 'values for the "error" and "error_description" attributes MUST NOT include characters outside the set %x20-21 / %x23-5B / %x5D-7E.' Now, here is the question. While these errors are essentially copied over from one spec to the other the different encoding restrictions make them different. Do we want different encodings of errors in the two documents? So, I see two options: 1) Leave the encoding as it is. This means the encoding of the error / error_description / error_uri in the two specifications is different. 2) Harmonize the encoding between the two specifications by incorporating the restrictions from the bearer specification into the base specification. Please indicate your preference by the end of next week (18th May 2012). Ciao Hannes _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
- [OAUTH-WG] Encoding of Errors in the Base and in … Hannes Tschofenig
- Re: [OAUTH-WG] Encoding of Errors in the Base and… Mike Jones
- Re: [OAUTH-WG] Encoding of Errors in the Base and… William Mills
- Re: [OAUTH-WG] Encoding of Errors in the Base and… John Bradley
- Re: [OAUTH-WG] Encoding of Errors in the Base and… Eran Hammer
- Re: [OAUTH-WG] Encoding of Errors in the Base and… Mike Jones
- Re: [OAUTH-WG] Encoding of Errors in the Base and… Mike Jones
- Re: [OAUTH-WG] Encoding of Errors in the Base and… Nat Sakimura
- Re: [OAUTH-WG] Encoding of Errors in the Base and… Eran Hammer
- Re: [OAUTH-WG] Encoding of Errors in the Base and… Mike Jones
- Re: [OAUTH-WG] Encoding of Errors in the Base and… Eran Hammer
- Re: [OAUTH-WG] Encoding of Errors in the Base and… George Fletcher
- Re: [OAUTH-WG] Encoding of Errors in the Base and… SM
- Re: [OAUTH-WG] Encoding of Errors in the Base and… Eran Hammer
- Re: [OAUTH-WG] Encoding of Errors in the Base and… Murray S. Kucherawy
- Re: [OAUTH-WG] Encoding of Errors in the Base and… Eran Hammer
- Re: [OAUTH-WG] Encoding of Errors in the Base and… Hannes Tschofenig