IETF Logo Mail Archive

Re: [OAUTH-WG] Proposed Syntax Changes in Dynamic Registration

Mike Jones <Michael.Jones@microsoft.com> Mon, 20 May 2013 16:53 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EBA6F21F9696 for <oauth@ietfa.amsl.com>; Mon, 20 May 2013 09:53:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mrVprQqvL-mJ for <oauth@ietfa.amsl.com>; Mon, 20 May 2013 09:52:55 -0700 (PDT)
Received: from na01-bl2-obe.outbound.protection.outlook.com (mail-bl2lp0204.outbound.protection.outlook.com [207.46.163.204]) by ietfa.amsl.com (Postfix) with ESMTP id 6686B21F9695 for <oauth@ietf.org>; Mon, 20 May 2013 09:52:55 -0700 (PDT)
Received: from BY2FFO11FD007.protection.gbl (10.1.15.200) by BY2FFO11HUB037.protection.gbl (10.1.14.120) with Microsoft SMTP Server (TLS) id 15.0.698.0; Mon, 20 May 2013 16:52:53 +0000
Received: from TK5EX14HUBC103.redmond.corp.microsoft.com (131.107.125.37) by BY2FFO11FD007.mail.protection.outlook.com (10.1.14.128) with Microsoft SMTP Server (TLS) id 15.0.698.0 via Frontend Transport; Mon, 20 May 2013 16:52:52 +0000
Received: from TK5EX14MBXC283.redmond.corp.microsoft.com ([169.254.2.161]) by TK5EX14HUBC103.redmond.corp.microsoft.com ([157.54.86.9]) with mapi id 14.03.0136.001; Mon, 20 May 2013 16:52:47 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Phil Hunt <phil.hunt@oracle.com>, Justin Richer <jricher@mitre.org>
Thread-Topic: [OAUTH-WG] Proposed Syntax Changes in Dynamic Registration
Thread-Index: AQHOVWwkkVRUbqGmb0Chrsy2ymzpkpkOMHcAgAAY8BA=
Date: Mon, 20 May 2013 16:52:47 +0000
Message-ID: <4E1F6AAD24975D4BA5B168042967394367742DDA@TK5EX14MBXC283.redmond.corp.microsoft.com>
References: <519A3C9A.8060305@mitre.org> <9D2C4D6F-EBC0-4313-B3B1-5981A865A604@oracle.com>
In-Reply-To: <9D2C4D6F-EBC0-4313-B3B1-5981A865A604@oracle.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.75]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B168042967394367742DDATK5EX14MBXC283r_"
MIME-Version: 1.0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(189002)(199002)(377424003)(24454002)(377454002)(78114002)(69226001)(49866001)(76482001)(50986001)(54356001)(51856001)(47976001)(33656001)(54316002)(4396001)(47736001)(56776001)(31966008)(46102001)(56816002)(55846006)(44976003)(512874002)(71186001)(81342001)(16236675002)(81542001)(15202345002)(59766001)(53806001)(6806003)(77982001)(16406001)(20776003)(74706001)(79102001)(63696002)(74366001)(74502001)(74662001)(47446002)(65816001)(66066001)(74876001)(80022001); DIR:OUT; SFP:; SCL:1; SRVR:BY2FFO11HUB037; H:TK5EX14HUBC103.redmond.corp.microsoft.com; RD:InfoDomainNonexistent; MX:1; A:1; LANG:en;
X-OriginatorOrg: microsoft.onmicrosoft.com
X-Forefront-PRVS: 0852EB6797
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Proposed Syntax Changes in Dynamic Registration
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 May 2013 16:53:01 -0000

I believe that no syntax changes are necessary.

Of the three possible changes described below, I particularly believe that (3) is completely unnecessary, as there is nothing that authenticates to the Token Endpoint other than the client.  Thus, adding “client_” to the name adds no useful semantic content.  This proposed change is especially superfluous.

                                                            -- Mike

From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf Of Phil Hunt
Sent: Monday, May 20, 2013 8:21 AM
To: Justin Richer
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] Proposed Syntax Changes in Dynamic Registration

Keep in mind there may be other changes coming.

The issue is that new developers can't figure out what token is being referred to.

Phil

On 2013-05-20, at 8:09, Justin Richer <jricher@mitre.org<mailto:jricher@mitre.org>> wrote:
Phil Hunt's review of the Dynamic Registration specification has raised a couple of issues that I felt were getting buried by the larger discussion (which I still strongly encourage others to jump in to). Namely, Phil has suggested a couple of syntax changes to the names of several parameters.


1) expires_at -> client_secret_expires_at
2) issued_at -> client_id_issued_at
3) token_endpoint_auth_method -> token_endpoint_client_auth_method


I'd like to get a feeling, especially from developers who have deployed this draft spec, what we ought to do for each of these:

 A) Keep the parameter names as-is
 B) Adopt the new names as above
 C) Adopt a new name that I will specify

In all cases, clarifying text will be added to the parameter *definitions* so that it's more clear to people reading the spec what each piece does. Speaking as the editor: "A" is the default as far as I'm concerned, since we shouldn't change syntax without very good reason to do so. That said, if it's going to be better for developers with the new parameter names, I am open to fixing them now.

Naming things is hard.

 -- Justin
_______________________________________________
OAuth mailing list
OAuth@ietf.org<mailto:OAuth@ietf.org>
https://www.ietf.org/mailman/listinfo/oauth

v2.23.0 | Report a Bug | By Email