Re: [OAUTH-WG] Defining a maximum token length?
Dick Hardt <dick.hardt@gmail.com> Wed, 10 March 2010 04:02 UTC
Return-Path: <dick.hardt@gmail.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7AF773A681A for <oauth@core3.amsl.com>; Tue, 9 Mar 2010 20:02:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.57
X-Spam-Level:
X-Spam-Status: No, score=-2.57 tagged_above=-999 required=5 tests=[AWL=0.029, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uZ-ix8Zdv1YN for <oauth@core3.amsl.com>; Tue, 9 Mar 2010 20:02:23 -0800 (PST)
Received: from mail-ew0-f216.google.com (mail-ew0-f216.google.com [209.85.219.216]) by core3.amsl.com (Postfix) with ESMTP id 74BB93A6AC9 for <oauth@ietf.org>; Tue, 9 Mar 2010 20:02:23 -0800 (PST)
Received: by ewy8 with SMTP id 8so1099648ewy.28 for <oauth@ietf.org>; Tue, 09 Mar 2010 20:02:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:subject:mime-version :content-type:from:in-reply-to:date:cc:content-transfer-encoding :message-id:references:to:x-mailer; bh=lfGVYtpmahsxGQNJSykJMOH/01h+m7nJriRbkhGl1Fw=; b=E6pJlM+o6Uhi91OLTuXyj9NcxCHQX+pl3QtZisHJbjNX0KB+i6vziWrfa74yXctCl3 V+HUT90n1SxPiAMdf48rPxavfmuY4+xQt+O9rr9jm1naR79t4v9bNXXvmLCyDZQq8ALR UtQpbRhbRI8zz4VQWfOCBpsy16oIY64AYqDV8=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=subject:mime-version:content-type:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to:x-mailer; b=cnDV0p3RXzNT96nMzFV751mYxqhBIEc9iE1vBZC1GayFfzlgYrL9/ewd0Ee1VeW8z+ Lgrfw/IbhXmFmMGp86EX3zC7KxyPB2Pspu/lnLUUJDDuSsXZeFN8pZBob4R43fQOIpSk 36LpMRwjZCPec8Z66TMP3gAMiw6rZ2awupmHs=
Received: by 10.213.100.199 with SMTP id z7mr4642259ebn.98.1268193745032; Tue, 09 Mar 2010 20:02:25 -0800 (PST)
Received: from [10.0.0.152] ([204.153.195.166]) by mx.google.com with ESMTPS id 14sm3653694ewy.14.2010.03.09.20.02.22 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 09 Mar 2010 20:02:23 -0800 (PST)
Mime-Version: 1.0 (Apple Message framework v1077)
Content-Type: text/plain; charset="us-ascii"
From: Dick Hardt <dick.hardt@gmail.com>
In-Reply-To: <fd6741651003091950w682db38ct257caf2dfc8e5855@mail.gmail.com>
Date: Tue, 09 Mar 2010 20:02:18 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <9FC57A38-0331-4A9E-B8F2-50BF79D348B0@gmail.com>
References: <fd6741651003091550t5a464496r57aae9a60c516599@mail.gmail.com> <74caaad21003091623i8b7c343jc3bb806fe327492d@mail.gmail.com> <12ED1FAC-B9C6-47C1-AC01-AB33D110EF8C@gmail.com> <68f4a0e81003091824n5453cf4cp151f313de5fd9c5e@mail.gmail.com> <fd6741651003091916o4c3b3a3ao4dc7871ddf7df23b@mail.gmail.com> <74caaad21003091925x7aeac395uac5ad816c543771e@mail.gmail.com> <fd6741651003091950w682db38ct257caf2dfc8e5855@mail.gmail.com>
To: David Recordon <recordond@gmail.com>
X-Mailer: Apple Mail (2.1077)
Cc: OAuth WG <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Defining a maximum token length?
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Mar 2010 04:02:24 -0000
On 2010-03-09, at 7:50 PM, David Recordon wrote: > On Tue, Mar 9, 2010 at 7:25 PM, Dick Hardt <dick.hardt@gmail.com> wrote: >> I understand the desire to set a max length that can easily fit into a DB. >> There are lots of other items I think the developer is storing that can be >> long as well, like URLs -- so I don't see it as a huge issue. >> I do see the need to make it clear that it can be a few K or something like >> that so that people don't assume it is shorter than it might be. >> -- Dick > > Why would the URLs be stored in a database? Same reason an Access Token would be. Was that a trick question? My point was that there are other arbitrary pieces of data that developers store and need to retrieve. > Wouldn't they be in > configuration files given that OAuth doesn't support discovery of new > servers? yet
- [OAUTH-WG] Defining a maximum token length? David Recordon
- Re: [OAUTH-WG] Defining a maximum token length? Chuck Mortimore
- Re: [OAUTH-WG] Defining a maximum token length? Marius Scurtescu
- Re: [OAUTH-WG] Defining a maximum token length? David Recordon
- Re: [OAUTH-WG] Defining a maximum token length? Dick Hardt
- Re: [OAUTH-WG] Defining a maximum token length? Ethan Jewett
- Re: [OAUTH-WG] Defining a maximum token length? Dick Hardt
- Re: [OAUTH-WG] Defining a maximum token length? David Recordon
- Re: [OAUTH-WG] Defining a maximum token length? Dick Hardt
- Re: [OAUTH-WG] Defining a maximum token length? Marius Scurtescu
- Re: [OAUTH-WG] Defining a maximum token length? David Recordon
- Re: [OAUTH-WG] Defining a maximum token length? Dick Hardt
- Re: [OAUTH-WG] Defining a maximum token length? Torsten Lodderstedt
- Re: [OAUTH-WG] Defining a maximum token length? Luke Shepard
- Re: [OAUTH-WG] Defining a maximum token length? Brian Eaton
- Re: [OAUTH-WG] Defining a maximum token length? Torsten Lodderstedt
- Re: [OAUTH-WG] Defining a maximum token length? David Waite
- Re: [OAUTH-WG] Defining a maximum token length? Luke Shepard
- Re: [OAUTH-WG] Defining a maximum token length? Brian Eaton
- Re: [OAUTH-WG] Defining a maximum token length? Justin Smith
- Re: [OAUTH-WG] Defining a maximum token length? John Kemp
- Re: [OAUTH-WG] Defining a maximum token length? Moritz Maisel
- Re: [OAUTH-WG] Defining a maximum token length? John Kemp
- Re: [OAUTH-WG] Defining a maximum token length? Paul Lindner
- Re: [OAUTH-WG] Defining a maximum token length? John Kemp
- Re: [OAUTH-WG] Defining a maximum token length? Paul Lindner
- Re: [OAUTH-WG] Defining a maximum token length? jbemmel
- Re: [OAUTH-WG] Defining a maximum token length? Marius Scurtescu
- Re: [OAUTH-WG] Defining a maximum token length? Luke Shepard
- Re: [OAUTH-WG] Defining a maximum token length? Brian Eaton
- Re: [OAUTH-WG] Defining a maximum token length? Anthony Nadalin
- Re: [OAUTH-WG] Defining a maximum token length? Allen Tom
- Re: [OAUTH-WG] Defining a maximum token length? Eran Hammer-Lahav
- Re: [OAUTH-WG] Defining a maximum token length? Torsten Lodderstedt
- Re: [OAUTH-WG] Defining a maximum token length? Torsten Lodderstedt
- Re: [OAUTH-WG] Defining a maximum token length? John Kemp
- Re: [OAUTH-WG] Defining a maximum token length? Naitik Shah
- Re: [OAUTH-WG] Defining a maximum token length? Anthony Nadalin
- Re: [OAUTH-WG] Defining a maximum token length? Eliot Lear
- Re: [OAUTH-WG] Defining a maximum token length? Allen Tom
- Re: [OAUTH-WG] Defining a maximum token length? Eran Hammer-Lahav
- Re: [OAUTH-WG] Defining a maximum token length? Luke Shepard