IETF Logo Mail Archive

Re: [OAUTH-WG] defining new response types

Marius Scurtescu <mscurtescu@google.com> Tue, 12 July 2011 22:18 UTC

Return-Path: <mscurtescu@google.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5178711E8087 for <oauth@ietfa.amsl.com>; Tue, 12 Jul 2011 15:18:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -105.977
X-Spam-Level:
X-Spam-Status: No, score=-105.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FvzDgzcX+uEc for <oauth@ietfa.amsl.com>; Tue, 12 Jul 2011 15:18:31 -0700 (PDT)
Received: from smtp-out.google.com (smtp-out.google.com [74.125.121.67]) by ietfa.amsl.com (Postfix) with ESMTP id 1524421F8C24 for <oauth@ietf.org>; Tue, 12 Jul 2011 15:18:30 -0700 (PDT)
Received: from hpaq14.eem.corp.google.com (hpaq14.eem.corp.google.com [172.25.149.14]) by smtp-out.google.com with ESMTP id p6CMITqa024806 for <oauth@ietf.org>; Tue, 12 Jul 2011 15:18:29 -0700
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=google.com; s=beta; t=1310509109; bh=nS66Z8FscCRVkyISbvdr7h+KFaM=; h=MIME-Version:In-Reply-To:References:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=hN9dWrU89gxiSdC5JSqEAuRpYd/7RJbniHjbkjtGMcJtc46B3PTXAabCuy184Ze9C S2IiPK/q1FLaKy6MU8n8g==
DomainKey-Signature: a=rsa-sha1; s=beta; d=google.com; c=nofws; q=dns; h=dkim-signature:mime-version:in-reply-to:references:from:date: message-id:subject:to:cc:content-type:x-system-of-record; b=MO6JGBKMAbkbfHvBsKztI4ePlUDMz4elMSRdK4/6w/E5T23KqZa5kIS8vXbqMmx9l 5FzZ3M9NL8w4cTYwy3e0g==
Received: from gwaa18 (gwaa18.prod.google.com [10.200.27.18]) by hpaq14.eem.corp.google.com with ESMTP id p6CMHuWp007677 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for <oauth@ietf.org>; Tue, 12 Jul 2011 15:18:28 -0700
Received: by gwaa18 with SMTP id a18so2138857gwa.19 for <oauth@ietf.org>; Tue, 12 Jul 2011 15:18:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=beta; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=tEHKOSjvdfzl46ZuItJXaqt0lbtl+R+F/gAPLs/qx+E=; b=HFBTlaWuZwFyO0LhisDYsq4+nVHdOb7co5huxIMtd+IVpuyRWHHHVhcBUOuyUKISaR +XlQILIFGY8KbVuhGOIA==
Received: by 10.100.83.15 with SMTP id g15mr477026anb.79.1310509108283; Tue, 12 Jul 2011 15:18:28 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.100.14.19 with HTTP; Tue, 12 Jul 2011 15:18:08 -0700 (PDT)
In-Reply-To: <90C41DD21FB7C64BB94121FBBC2E7234501D4A0611@P3PW5EX1MB01.EX1.SECURESERVER.NET>
References: <CAGdjJpKq=90QhSt68sYbtW9TtW+OR5nxYxTSC1A1jYRA=369tg@mail.gmail.com> <85A6E014-25A0-4970-8741-2F174B20688E@hueniverse.com> <CAAJ++qHek0v=cPcRgWBhku5mftjMEDQzekvjABqynMGBo_p7GQ@mail.gmail.com> <90C41DD21FB7C64BB94121FBBC2E7234501D4A058C@P3PW5EX1MB01.EX1.SECURESERVER.NET> <CAAJ++qGMkF5deh6FCYSxAUUcGrXrawWBL3PyyDHSto9xq+066A@mail.gmail.com> <90C41DD21FB7C64BB94121FBBC2E7234501D4A05A6@P3PW5EX1MB01.EX1.SECURESERVER.NET> <CAAJ++qHHLfRASxQ6uPSVeQTRE139JzYNuGz-pcobG9WQF58F1w@mail.gmail.com> <4E1F6AAD24975D4BA5B168042967394348D46521@TK5EX14MBXC201.redmond.corp.microsoft.com> <90C41DD21FB7C64BB94121FBBC2E7234501D4A0611@P3PW5EX1MB01.EX1.SECURESERVER.NET>
From: Marius Scurtescu <mscurtescu@google.com>
Date: Tue, 12 Jul 2011 15:18:08 -0700
Message-ID: <CAGdjJpKJ+mnpnfxqKd6kGQDPQ3+8P6EAkp9LKWLeYNLRXfBTPw@mail.gmail.com>
To: Eran Hammer-Lahav <eran@hueniverse.com>
Content-Type: text/plain; charset="ISO-8859-1"
X-System-Of-Record: true
Cc: OAuth WG <oauth@ietf.org>
Subject: Re: [OAUTH-WG] defining new response types
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Jul 2011 22:18:32 -0000

On Tue, Jul 12, 2011 at 1:35 PM, Eran Hammer-Lahav <eran@hueniverse.com> wrote:
> I will withdraw my objections to the change (parsing the response_type string) if enough support is present. If you care about it, please speak out now.

The complexity of composite response types is affecting mostly
authorization servers. Hiding this behind the requirement to
explicitly register all combinations is not helping much IMO. Most
auth server implementations will end up parsing the list and looking
at the individual elements anyhow.

Marius

v2.35.0 | Report a Bug | By Email | System Status