[OAUTH-WG] Proposed OAuth Core -28

Mike Jones <Michael.Jones@microsoft.com> Tue, 19 June 2012 00:03 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 735EF11E8073 for <oauth@ietfa.amsl.com>; Mon, 18 Jun 2012 17:03:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Status: No, score=x tagged_above=-999 required=5 tests=[]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id gGBkDb27jray for <oauth@ietfa.amsl.com>; Mon, 18 Jun 2012 17:03:50 -0700 (PDT)
Received: from tx2outboundpool.messaging.microsoft.com (tx2ehsobe001.messaging.microsoft.com []) by ietfa.amsl.com (Postfix) with ESMTP id D523B21F84FC for <oauth@ietf.org>; Mon, 18 Jun 2012 17:03:47 -0700 (PDT)
Received: from mail177-tx2-R.bigfish.com ( by TX2EHSOBE003.bigfish.com ( with Microsoft SMTP Server id; Tue, 19 Jun 2012 00:02:28 +0000
Received: from mail177-tx2 (localhost []) by mail177-tx2-R.bigfish.com (Postfix) with ESMTP id A657316013B for <oauth@ietf.org>; Tue, 19 Jun 2012 00:02:27 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14HUBC105.redmond.corp.microsoft.com; RD:none; EFVD:NLI
X-SpamScore: 0
X-BigFish: VS0(zzc85fhzz1202hzz8275bh8275dhz2fh793h2a8h668h839hd25hf0ah34h)
Received-SPF: pass (mail177-tx2: domain of microsoft.com designates as permitted sender) client-ip=; envelope-from=Michael.Jones@microsoft.com; helo=TK5EX14HUBC105.redmond.corp.microsoft.com ; icrosoft.com ;
Received: from mail177-tx2 (localhost.localdomain []) by mail177-tx2 (MessageSwitch) id 1340064144473731_21345; Tue, 19 Jun 2012 00:02:24 +0000 (UTC)
Received: from TX2EHSMHS026.bigfish.com (unknown []) by mail177-tx2.bigfish.com (Postfix) with ESMTP id 5C0F960046 for <oauth@ietf.org>; Tue, 19 Jun 2012 00:02:24 +0000 (UTC)
Received: from TK5EX14HUBC105.redmond.corp.microsoft.com ( by TX2EHSMHS026.bigfish.com ( with Microsoft SMTP Server (TLS) id; Tue, 19 Jun 2012 00:02:21 +0000
Received: from TK5EX14MBXC283.redmond.corp.microsoft.com ([]) by TK5EX14HUBC105.redmond.corp.microsoft.com ([]) with mapi id 14.02.0309.003; Tue, 19 Jun 2012 00:03:38 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: Proposed OAuth Core -28
Thread-Index: Ac1NrvRHCkTMxAd8QmCkI0dM6RnD+w==
Date: Tue, 19 Jun 2012 00:03:37 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739436655A85E@TK5EX14MBXC283.redmond.corp.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
x-originating-ip: []
Content-Type: multipart/mixed; boundary="_007_4E1F6AAD24975D4BA5B16804296739436655A85ETK5EX14MBXC283r_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
Subject: [OAUTH-WG] Proposed OAuth Core -28
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Jun 2012 00:03:51 -0000

In cooperation with the chairs and Eran, I've produced the attached proposed OAuth Core -28 version.  It updates the ABNF in the manner discussed by the working group, allowing username and password to be Unicode and restricting client_id and client_secret to ASCII.  It specifies the use of the application/x-www-form-urlencoded content-type encoding method to encode the client_id when used as the password for HTTP Basic.  A few minor grammar errors encountered were also corrected.  Normative changes are in sections 2.3.1, A.1, A.2, A.15, and A.16.  Unless I hear objections, I'll use the publication tool to post this as -28 at close of business tomorrow, with Eran being the one to give approval in the tool for publication.

                                                                -- Mike