[OAUTH-WG] MAC: body-hash
Eran Hammer-Lahav <eran@hueniverse.com> Sat, 19 November 2011 15:39 UTC
Return-Path: <eran@hueniverse.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BCF3721F8906 for <oauth@ietfa.amsl.com>; Sat, 19 Nov 2011 07:39:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.535
X-Spam-Level:
X-Spam-Status: No, score=-2.535 tagged_above=-999 required=5 tests=[AWL=0.063, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hwlvfzw0skXH for <oauth@ietfa.amsl.com>; Sat, 19 Nov 2011 07:39:24 -0800 (PST)
Received: from p3plex1out02.prod.phx3.secureserver.net (p3plex1out02.prod.phx3.secureserver.net [72.167.180.18]) by ietfa.amsl.com (Postfix) with SMTP id 7E5FE21F850B for <oauth@ietf.org>; Sat, 19 Nov 2011 07:39:19 -0800 (PST)
Received: (qmail 12510 invoked from network); 19 Nov 2011 15:39:18 -0000
Received: from unknown (HELO smtp.ex1.secureserver.net) (72.167.180.47) by p3plex1out02.prod.phx3.secureserver.net with SMTP; 19 Nov 2011 15:39:18 -0000
Received: from P3PW5EX1MB01.EX1.SECURESERVER.NET ([10.6.135.19]) by P3PW5EX1HT005.EX1.SECURESERVER.NET ([72.167.180.134]) with mapi; Sat, 19 Nov 2011 08:39:18 -0700
From: Eran Hammer-Lahav <eran@hueniverse.com>
To: OAuth WG <oauth@ietf.org>
Date: Sat, 19 Nov 2011 08:39:05 -0700
Thread-Topic: MAC: body-hash
Thread-Index: Acym0Srj6ldOsg2FQ0u3XZcwg9JdEQ==
Message-ID: <90C41DD21FB7C64BB94121FBBC2E7234526735EDF1@P3PW5EX1MB01.EX1.SECURESERVER.NET>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_90C41DD21FB7C64BB94121FBBC2E7234526735EDF1P3PW5EX1MB01E_"
MIME-Version: 1.0
Subject: [OAUTH-WG] MAC: body-hash
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 19 Nov 2011 15:39:24 -0000
I want to reaffirm our previous consensus to drop the body-hash parameter and leave the ext parameter. Body-hash as currently specified is going to cause significant interop issues due to character (and other) encoding issues. Providers who desire to MAC the body can define their own ext use case. Let me know if you have an objection to this change. EHL
- [OAUTH-WG] MAC: body-hash Eran Hammer-Lahav
- Re: [OAUTH-WG] MAC: body-hash William Mills
- Re: [OAUTH-WG] MAC: body-hash Phil Hunt
- Re: [OAUTH-WG] MAC: body-hash Eran Hammer-Lahav
- Re: [OAUTH-WG] MAC: body-hash Peter Wolanin
- Re: [OAUTH-WG] MAC: body-hash Peter Wolanin
- Re: [OAUTH-WG] MAC: body-hash Eran Hammer-Lahav