Re: [OAUTH-WG] Extension Mechanism
George Fletcher <gffletch@aol.com> Tue, 08 June 2010 19:58 UTC
Return-Path: <gffletch@aol.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2B8FC3A68BC for <oauth@core3.amsl.com>; Tue, 8 Jun 2010 12:58:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id izCK9kPKOUlH for <oauth@core3.amsl.com>; Tue, 8 Jun 2010 12:58:54 -0700 (PDT)
Received: from imr-ma01.mx.aol.com (imr-ma01.mx.aol.com [64.12.206.39]) by core3.amsl.com (Postfix) with ESMTP id C51E03A683F for <oauth@ietf.org>; Tue, 8 Jun 2010 12:58:53 -0700 (PDT)
Received: from mtaout-mb01.r1000.mx.aol.com (mtaout-mb01.r1000.mx.aol.com [172.29.41.65]) by imr-ma01.mx.aol.com (8.14.1/8.14.1) with ESMTP id o58Jw6Pn030619; Tue, 8 Jun 2010 15:58:18 -0400
Received: from palantir.local (unknown [10.181.183.108]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mtaout-mb01.r1000.mx.aol.com (MUA/Third Party Client Interface) with ESMTPSA id 3806DE00029B; Tue, 8 Jun 2010 15:58:18 -0400 (EDT)
Message-ID: <4C0EA0D8.6060407@aol.com>
Date: Tue, 08 Jun 2010 15:58:16 -0400
From: George Fletcher <gffletch@aol.com>
Organization: AOL LLC
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1.9) Gecko/20100317 Thunderbird/3.0.4
MIME-Version: 1.0
To: Nat Sakimura <sakimura@gmail.com>
References: <AANLkTik71Izx8JF0I24hp7Vwx8LnKGpoEDhQRq9TxMyE@mail.gmail.com>
In-Reply-To: <AANLkTik71Izx8JF0I24hp7Vwx8LnKGpoEDhQRq9TxMyE@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------070304040901030300030007"
x-aol-global-disposition: G
X-AOL-SCOLL-SCORE: 0:2:483851552:93952408
X-AOL-SCOLL-URL_COUNT: 0
x-aol-sid: 3039ac1d29414c0ea0da4a83
X-AOL-IP: 10.181.183.108
Cc: oauth <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Extension Mechanism
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Jun 2010 19:58:55 -0000
+1 for a defined extension mechanism maybe I didn't understand but I would have thought the "pape:error" would be... "pape:error"="Invalid max_auth_age format." does the message itself need to be namespaced? Thanks, George On 6/8/10 12:45 AM, Nat Sakimura wrote: > Defining an Extension Mechanism for both request and response would > generally be useful. > > Some basic design principles: > > - no name space through type URI: fixed registered string for extensions. > e.g., for Open Graph, perhaps use og:variable_names OR og_variable > names > where either "og:" or "og_" is the type prefix. (I kind of prefer > ":" over "_" as > a separator since in CGI "-" and "_" will be identical, and in PHP > GPC parameters > "." and "_" are identical. Also, we are using "_" in the variable > names already. ) > - no cross interactions with other extensions > > I think it should be added as Chapter 7 or so, which means Security > Considerations will be chapter 8. > > Following is the straw-man. > > 7. Extension Mechanism > > Additional parameters MAY be defined for any request and response. > The parameter names MUST start with a parameter prefix separated by a > colon ":". > > For example: > > pape:max_auth_age > > Each extension MUST define its own error messages and MUST return them > through > the prefixed "error" parameter. > > For example: > > "pape:error":"Invalid max_auth_age format." > > > cheers, > > Nat > > > > > > > -- > Nat Sakimura (=nat) > http://www.sakimura.org/en/ > http://twitter.com/_nat_en > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
- [OAUTH-WG] Extension Mechanism Nat Sakimura
- Re: [OAUTH-WG] Extension Mechanism George Fletcher
- Re: [OAUTH-WG] Extension Mechanism Nat Sakimura