Re: [OAUTH-WG] Error Registry Consensus Call

Mike Jones <> Mon, 07 May 2012 22:55 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 3361D21F865E for <>; Mon, 7 May 2012 15:55:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -3.927
X-Spam-Status: No, score=-3.927 tagged_above=-999 required=5 tests=[AWL=-0.328, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 0tFvcdvt392P for <>; Mon, 7 May 2012 15:55:39 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id B848021F857F for <>; Mon, 7 May 2012 15:55:38 -0700 (PDT)
Received: from ( by ( with Microsoft SMTP Server id; Mon, 7 May 2012 22:55:24 +0000
Received: from mail88-db3 (localhost []) by (Postfix) with ESMTP id 1F21B46011E; Mon, 7 May 2012 22:55:24 +0000 (UTC)
X-SpamScore: -27
X-BigFish: VS-27(zz9371I14ffI542Mzz1202hzz1033IL8275dhz2fh2a8h668h839h944hd25h)
X-Forefront-Antispam-Report: CIP:; KIP:(null); UIP:(null); IPV:NLI;; RD:none; EFVD:NLI
Received-SPF: pass (mail88-db3: domain of designates as permitted sender) client-ip=;; ; ;
Received: from mail88-db3 (localhost.localdomain []) by mail88-db3 (MessageSwitch) id 1336431322243481_14891; Mon, 7 May 2012 22:55:22 +0000 (UTC)
Received: from (unknown []) by (Postfix) with ESMTP id 372C7220112; Mon, 7 May 2012 22:55:22 +0000 (UTC)
Received: from ( by ( with Microsoft SMTP Server (TLS) id; Mon, 7 May 2012 22:55:22 +0000
Received: from ([]) by ([]) with mapi id 14.02.0298.005; Mon, 7 May 2012 22:55:30 +0000
From: Mike Jones <>
To: Hannes Tschofenig <>, " WG" <>
Thread-Topic: [OAUTH-WG] Error Registry Consensus Call
Thread-Index: AQHNLKOK4/Ar7WEiKkOvuAeb5S02zZa+74Bw
Date: Mon, 7 May 2012 22:55:30 +0000
Message-ID: <>
References: <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [OAUTH-WG] Error Registry Consensus Call
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 07 May 2012 22:55:40 -0000

 b) - a single OAuth errors registry for all of exchanges A-F of the protocol

-----Original Message-----
From: [] On Behalf Of Hannes Tschofenig
Sent: Monday, May 07, 2012 3:48 PM
To: WG
Subject: [OAUTH-WG] Error Registry Consensus Call

Hi all, 

there is an open issue concerning draft-ietf-oauth-v2-bearer-19 that may impact draft-ietf-oauth-v2-26 (depending on it's resolution) and we would like to get feedback from the working group about it. 

Here is the issue: When a client makes an access to a protected resources then things may go wrong and an error may be returned in response. draft-ietf-oauth-v2-bearer talks about this behavior. 

That's great but these error codes need to be registered somewhere. Note that the registry can be created in one document while the values can be registered by many documents. 

So, where should the registry be?

There are two choices. 

a) A new OAuth errors registry goes into draft-ietf-oauth-v2-bearer.

b) draft-ietf-oauth-v2 expands the scope of the existing OAuth Errors registry to encompass errors returned from resource servers.

Currently, draft-ietf-oauth-v2 creates registries for error codes only for the exchanges from A-to-D (symbols used from Figure 1 of draft-ietf-oauth-v2), but excludes registration of errors from flows E-F.

We must create a registry for error codes from flows E-F.  In which document do we want to create this registry?

So, give us your feedback whether you have a preference by the end of the week. 

Hannes & Derek

OAuth mailing list