Re: [OAUTH-WG] The best method to get generated bearer tokens encoded
John Bradley <ve7jtb@ve7jtb.com> Tue, 07 April 2015 13:09 UTC
Return-Path: <ve7jtb@ve7jtb.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF2B11B3560 for <oauth@ietfa.amsl.com>; Tue, 7 Apr 2015 06:09:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I0RIUkW4c_mj for <oauth@ietfa.amsl.com>; Tue, 7 Apr 2015 06:09:20 -0700 (PDT)
Received: from mail-pa0-f53.google.com (mail-pa0-f53.google.com [209.85.220.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D48761B355D for <oauth@ietf.org>; Tue, 7 Apr 2015 06:09:20 -0700 (PDT)
Received: by pabsx10 with SMTP id sx10so78403438pab.3 for <oauth@ietf.org>; Tue, 07 Apr 2015 06:09:20 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:content-type:mime-version:subject:from :in-reply-to:date:cc:content-transfer-encoding:message-id:references :to; bh=QuFj9V358txkMVIZ9tYOdV4FqzuVTx6RZmaH7Qgo1FI=; b=b9nzePT7nEbUfGB18WcE+M7OaDAZ5M7w0VoZSnmWxNLprjvUNiRSgVGuU2Alf6YCYX SlTbLSZpc8VMXEbCiWSzeK4qAdXCFfSr7fcjEAFZoIcRhgedJ5bdkSnlPxSKv8QvQ9Qe GPuFv90KIw1c11rzw28LdjZDLEWjTuApScyav2L4iTw5gDYE+jitclRBULyPBUnz30si 9zVRlY6oPbbrMndpH0Oz9RmFwtoIBGtmG20a8ACIgIqInSd4pkaImNam8sJxVHnng3rg 4e/lhHy8NN0dRl1NaLbCOfIlXkYJE1X97yZrRfxEHMZC9U9pO41Pf5LHxy9p6T6f2yLV XisA==
X-Gm-Message-State: ALoCoQnVwms8gbyHOOldoHvkghTkL8/JO8BG0lPNcIPBR73xvHflZ8fDJAFoINvCClvi1sD1v0hb
X-Received: by 10.68.254.74 with SMTP id ag10mr36594657pbd.35.1428412160436; Tue, 07 Apr 2015 06:09:20 -0700 (PDT)
Received: from [50.94.78.139] ([12.207.17.3]) by mx.google.com with ESMTPSA id y13sm8179166pas.37.2015.04.07.06.09.18 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 07 Apr 2015 06:09:19 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2070.6\))
From: John Bradley <ve7jtb@ve7jtb.com>
In-Reply-To: <5523B838.80105@gmail.com>
Date: Tue, 07 Apr 2015 06:09:15 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <8198C2B1-8B6D-4DD8-8052-85D335AABB8E@ve7jtb.com>
References: <D26B0844-431B-4A14-8B9F-BAF1A2D55444@mit.edu> <alpine.GSO.1.10.1504032112300.22210@multics.mit.edu> <5523B7BA.4@gmail.com> <5523B838.80105@gmail.com>
To: Sergey Beryozkin <sberyozkin@gmail.com>
X-Mailer: Apple Mail (2.2070.6)
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/ugANUdDZeaQmHXGpVA5DGZcPArE>
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] The best method to get generated bearer tokens encoded
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Apr 2015 13:09:23 -0000
Best would depend on what you are encoding. If the thing you are encoding is mostly URL safe then using URL escaping might give you the smallest result. If it is 8bit data then BASE64URL will give you a smaller result than HEX encoding. JWT use BASE64URL as a datapoint. John B. > On Apr 7, 2015, at 3:58 AM, Sergey Beryozkin <sberyozkin@gmail.com> wrote: > > Hi > > Would it be correct to assume that the best method for encoding the auto-generated bearer tokens is Base64URL ? I've spotted recently some of our code uses the Hex encoding which I believe is inferior compared to Base64URL given that the latter has a richer set of characters. > > Is it a correct assumption ? > > Thanks, Sergey > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
- [OAUTH-WG] Rate limiting in Dyn-Reg-Management Justin Richer
- Re: [OAUTH-WG] Rate limiting in Dyn-Reg-Management John Bradley
- Re: [OAUTH-WG] Rate limiting in Dyn-Reg-Management Benjamin Kaduk
- Re: [OAUTH-WG] Rate limiting in Dyn-Reg-Management Justin Richer
- [OAUTH-WG] The best method to get generated beare… Sergey Beryozkin
- Re: [OAUTH-WG] The best method to get generated b… John Bradley
- Re: [OAUTH-WG] The best method to get generated b… Sergey Beryozkin
- Re: [OAUTH-WG] The best method to get generated b… John Bradley