IETF Logo Mail Archive

Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.txt

Marius Scurtescu <mscurtescu@google.com> Wed, 26 January 2011 21:29 UTC

Return-Path: <mscurtescu@google.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1BC383A68B1 for <oauth@core3.amsl.com>; Wed, 26 Jan 2011 13:29:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -105.803
X-Spam-Level:
X-Spam-Status: No, score=-105.803 tagged_above=-999 required=5 tests=[AWL=0.174, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XWj2tG6gmCvO for <oauth@core3.amsl.com>; Wed, 26 Jan 2011 13:29:32 -0800 (PST)
Received: from smtp-out.google.com (smtp-out.google.com [216.239.44.51]) by core3.amsl.com (Postfix) with ESMTP id 362773A6893 for <oauth@ietf.org>; Wed, 26 Jan 2011 13:29:32 -0800 (PST)
Received: from hpaq14.eem.corp.google.com (hpaq14.eem.corp.google.com [172.25.149.14]) by smtp-out.google.com with ESMTP id p0QLWWCF006792 for <oauth@ietf.org>; Wed, 26 Jan 2011 13:32:33 -0800
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=google.com; s=beta; t=1296077553; bh=0P4q5Ey5tDlUHNYquWZPThNIedw=; h=MIME-Version:In-Reply-To:References:From:Date:Message-ID:Subject: To:Cc:Content-Type:Content-Transfer-Encoding; b=ROp/sG8n0tHWCzMpsFTSsIRgwdreMkFxtVxCpBGUs2csYZQNVX8LJGCXoPC7/uk0K Vb6Te09Y6Flp2/d9QMdMQ==
Received: from yws5 (yws5.prod.google.com [10.192.19.5]) by hpaq14.eem.corp.google.com with ESMTP id p0QLWUAS012738 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT) for <oauth@ietf.org>; Wed, 26 Jan 2011 13:32:31 -0800
Received: by yws5 with SMTP id 5so348179yws.29 for <oauth@ietf.org>; Wed, 26 Jan 2011 13:32:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=beta; h=domainkey-signature:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type:content-transfer-encoding; bh=Fe6Irj3AOU/TIyDL0R87sW7CiIkA7kRjp4jzhB8REXc=; b=uc1lGspLpMbx3Xnw+jSZnmyy2AvjK5q+RI05rARobLlWXKh5/CdS+ilQVtr3QcaAp9 gu/JPVrVIPGU8izpik8g==
DomainKey-Signature: a=rsa-sha1; c=nofws; d=google.com; s=beta; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; b=fssKd6Jsv4VQ0AerrvMhFGNmYKSE1UmmbVAF4FMcqttLlVBJdVihDkbGFRftjJ+vy8 rV0dy6YYS9qU1dKMTf6Q==
Received: by 10.100.163.6 with SMTP id l6mr5443613ane.10.1296077550434; Wed, 26 Jan 2011 13:32:30 -0800 (PST)
MIME-Version: 1.0
Received: by 10.100.153.9 with HTTP; Wed, 26 Jan 2011 13:32:10 -0800 (PST)
In-Reply-To: <90C41DD21FB7C64BB94121FBBC2E723445A8D6262E@P3PW5EX1MB01.EX1.SECURESERVER.NET>
References: <20110121004501.28103.96097.idtracker@localhost> <90C41DD21FB7C64BB94121FBBC2E723445A8D61C8E@P3PW5EX1MB01.EX1.SECURESERVER.NET> <90C41DD21FB7C64BB94121FBBC2E723445A8D61CBA@P3PW5EX1MB01.EX1.SECURESERVER.NET> <AANLkTimzOErQhT_gjdQrcawVgfsnr_2RVtTOYRoP-fcR@mail.gmail.com> <1296051184.9984.5.camel@pulse> <FFDFD7371D517847AD71FBB08F9A31563848E7CD74@SP2-EX07VS06.ds.corp.yahoo.com> <155BD4E7-F8B3-4B4A-B02D-EAE2048A2F51@kiva.org> <90C41DD21FB7C64BB94121FBBC2E723445A8D6262E@P3PW5EX1MB01.EX1.SECURESERVER.NET>
From: Marius Scurtescu <mscurtescu@google.com>
Date: Wed, 26 Jan 2011 13:32:10 -0800
Message-ID: <AANLkTi=gHJ6kvOs8d_p=z60JE+V73=nGvmyci80kTWPU@mail.gmail.com>
To: Eran Hammer-Lahav <eran@hueniverse.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
X-System-Of-Record: true
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Jan 2011 21:29:33 -0000

On Wed, Jan 26, 2011 at 9:48 AM, Eran Hammer-Lahav <eran@hueniverse.com> wrote:
> This is not aimed at anyone in particular.
>
> Replying +1 is not justification for a major breaking change. This was raised in the past and consensus was that this is not a major concern. Over the past 10 months not a single actual issue was raised about conflicts in legacy platforms. If you have an *actual* issue with a platform, please provide the full details, including why known mechanisms such as Apache rewrite rules can't solve the it.

I just raised an actual issue.

Because OAuth 2 parameters are not prefixed, starting with v11 the
spec requires all other parameters to use the "x_" prefix. Google
cannot comply with that.

Dropping the x_ requirement is good enough IMO. If you are worried
about that, then you are probably afraid of an actual issue as well.


Marius

v2.23.0 | Report a Bug | By Email