IETF Logo Mail Archive

Re: [OAUTH-WG] application/x-www-form-urlencoded vs JSON

Torsten Lodderstedt <torsten@lodderstedt.net> Mon, 19 April 2010 19:04 UTC

Return-Path: <torsten@lodderstedt.net>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C67D63A6800 for <oauth@core3.amsl.com>; Mon, 19 Apr 2010 12:04:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.953
X-Spam-Level:
X-Spam-Status: No, score=-1.953 tagged_above=-999 required=5 tests=[AWL=0.295, BAYES_00=-2.599, HELO_EQ_DE=0.35, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 41iEoYH3l+hA for <oauth@core3.amsl.com>; Mon, 19 Apr 2010 12:04:14 -0700 (PDT)
Received: from smtprelay04.ispgateway.de (smtprelay04.ispgateway.de [80.67.31.38]) by core3.amsl.com (Postfix) with ESMTP id 3EFD93A67B2 for <oauth@ietf.org>; Mon, 19 Apr 2010 12:04:02 -0700 (PDT)
Received: from p4fff2afb.dip.t-dialin.net ([79.255.42.251] helo=[127.0.0.1]) by smtprelay04.ispgateway.de with esmtpa (Exim 4.68) (envelope-from <torsten@lodderstedt.net>) id 1O3wG7-0007ME-WA; Mon, 19 Apr 2010 21:03:52 +0200
Message-ID: <4BCCA913.3010800@lodderstedt.net>
Date: Mon, 19 Apr 2010 21:03:47 +0200
From: Torsten Lodderstedt <torsten@lodderstedt.net>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; de; rv:1.9.1.9) Gecko/20100317 Thunderbird/3.0.4
MIME-Version: 1.0
To: Mike Moore <blowmage@gmail.com>
References: <h2yf5bedd151004190757q27927b65na3e5c5744a53526a@mail.gmail.com> <C7F1C3F0.327E6%eran@hueniverse.com> <n2lf5bedd151004190859u31ea13f4hbe2fbbe38d03de8f@mail.gmail.com>
In-Reply-To: <n2lf5bedd151004190859u31ea13f4hbe2fbbe38d03de8f@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------030600000005010901080002"
X-Df-Sender: 141509
Cc: OAuth WG <oauth@ietf.org>
Subject: Re: [OAUTH-WG] application/x-www-form-urlencoded vs JSON
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Apr 2010 19:04:15 -0000

Am 19.04.2010 17:59, schrieb Mike Moore:
> On Mon, Apr 19, 2010 at 9:25 AM, Eran Hammer-Lahav 
> <eran@hueniverse.com <mailto:eran@hueniverse.com>> wrote:
>
>     You are missing the point.
>
>
> No, I get it. But what I like about OAuth 1.0 was its simplicity. I 
> don't see how allowing either the server or client 
> to suggest alternate encodings allows OAuth 2.0 to do more. I don't 
> think the added complexity is worth it. Not everything needs to be 
> configurable.

So what should be the singlemost encoding to be standardized? I would be 
unable to choose one.

 From my experiences, the optimal encoding primarily depends on the 
capabilities and style guides of a particular client platform. JSON is 
fine for JavaScript client, XML might be better for other client 
platforms, command line scripts can probably easier be implemented using 
plain text.

Our (proprietary) security token service offers different types of 
transport encoding, e.g. json and xml. This is highly appreciated by the 
client developers.

regards,
Torsten.

v2.15.0 | Report a Bug | By Email