Re: [OAUTH-WG] Access token timeout

William Mills <wmills_92105@yahoo.com> Sun, 19 August 2012 17:35 UTC


It's a hint to the client of when the token will probably expire. There was a lot of discussion on what the right way to go was and there were several "camps" on what the right strategy choice would be, but in the end a very simple solution was chosen. Most folks agreed that having more than one way to go was not worth the complexity, so this single one was picked.


________________________________
 From: Jérôme LELEU <leleuj@gmail.com>
To: oauth@ietf.org 
Sent: Sunday, August 19, 2012 1:25 AM
Subject: [OAUTH-WG] Access token timeout
 

Hi,

I might be misunderstanding the OAuth 2.0 spec (part 5.1, "expires_in" property), but I understand that the timeout of the access token is a hard one (amount of time between creation and expiration).

Am I right?

Can we have a multiple use timeout? A sliding window timeout? Or a combination of all?

Thanks.
Best regards,
Jérôme
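
Added illustration, not part of either message in this thread: a client that treats `expires_in` as a hint, as the reply describes, renews shortly before the advertised lifetime ends and still copes with a token that the server rejects earlier. The `fetch_token` and `call_api` callables, the 30-second skew, the `TokenRejected` exception and all sample values are assumptions constructed for this example.

```python
import time

class TokenRejected(Exception):
    """Raised by call_api when the resource server answers 401 invalid_token."""

class HintedTokenClient:
    """Caches one access token; expires_in schedules renewal but is never trusted."""
    def __init__(self, fetch_token, call_api, skew=30, clock=time.monotonic):
        self._fetch_token = fetch_token  # hypothetical: returns a section 5.1 style response dict
        self._call_api = call_api        # hypothetical: call_api(token) or raises TokenRejected
        self._skew, self._clock = skew, clock
        self._token, self._refresh_at = None, 0.0

    def _renew(self):
        resp = self._fetch_token()
        self._token = resp["access_token"]
        expires_in = resp.get("expires_in")
        if expires_in is None:  # the field may be absent: use the token until rejected
            self._refresh_at = float("inf")
        else:                   # renew a little early to absorb clock and network delay
            self._refresh_at = self._clock() + max(0, int(expires_in) - self._skew)

    def request(self):
        if self._token is None or self._clock() >= self._refresh_at:
            self._renew()
        try:
            return self._call_api(self._token)
        except TokenRejected:
            # The server ended the token before the hint elapsed: renew and retry once.
            self._renew()
            return self._call_api(self._token)

def demo():
    # Constructed stand-ins for the authorization server and the resource server.
    now, issued, revoked = [0.0], [], set()
    def fetch_token():
        issued.append(f"tok{len(issued) + 1}")
        return {"access_token": issued[-1], "token_type": "Bearer", "expires_in": 3600}
    def call_api(token):
        if token in revoked:
            raise TokenRejected(token)
        return f"ok:{token}"
    client = HintedTokenClient(fetch_token, call_api, clock=lambda: now[0])
    results = [client.request()]         # first call obtains tok1
    now[0] = 100.0; revoked.add("tok1")  # server revokes tok1 long before 3600 s
    results.append(client.request())     # rejection triggers renewal to tok2
    now[0] = 100.0 + 3570                # tok2's hinted lifetime minus skew has elapsed
    results.append(client.request())     # proactive renewal to tok3
    return results, issued
```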
