Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.txt
Eran Hammer-Lahav <eran@hueniverse.com> Wed, 26 January 2011 16:02 UTC
Return-Path: <eran@hueniverse.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C9D0F3A676A for <oauth@core3.amsl.com>; Wed, 26 Jan 2011 08:02:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.56
X-Spam-Level:
X-Spam-Status: No, score=-2.56 tagged_above=-999 required=5 tests=[AWL=0.039, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1xXfqVgQwkwH for <oauth@core3.amsl.com>; Wed, 26 Jan 2011 08:02:43 -0800 (PST)
Received: from p3plex1out01.prod.phx3.secureserver.net (p3plex1out01.prod.phx3.secureserver.net [72.167.180.17]) by core3.amsl.com (Postfix) with SMTP id E21B83A6359 for <oauth@ietf.org>; Wed, 26 Jan 2011 08:02:42 -0800 (PST)
Received: (qmail 27557 invoked from network); 26 Jan 2011 16:05:42 -0000
Received: from unknown (HELO smtp.ex1.secureserver.net) (72.167.180.19) by p3plex1out01.prod.phx3.secureserver.net with SMTP; 26 Jan 2011 16:05:42 -0000
Received: from P3PW5EX1MB01.EX1.SECURESERVER.NET ([10.6.135.19]) by P3PW5EX1HT001.EX1.SECURESERVER.NET ([72.167.180.19]) with mapi; Wed, 26 Jan 2011 09:05:41 -0700
From: Eran Hammer-Lahav <eran@hueniverse.com>
To: Justin Richer <jricher@mitre.org>, Marius Scurtescu <mscurtescu@google.com>
Date: Wed, 26 Jan 2011 09:05:23 -0700
Thread-Topic: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.txt
Thread-Index: Acu9Yyam/U6JQtu2Ri6m5nPxXY4v1gAD3j6Q
Message-ID: <90C41DD21FB7C64BB94121FBBC2E723445A8D625D3@P3PW5EX1MB01.EX1.SECURESERVER.NET>
References: <20110121004501.28103.96097.idtracker@localhost> <90C41DD21FB7C64BB94121FBBC2E723445A8D61C8E@P3PW5EX1MB01.EX1.SECURESERVER.NET> <90C41DD21FB7C64BB94121FBBC2E723445A8D61CBA@P3PW5EX1MB01.EX1.SECURESERVER.NET> <AANLkTimzOErQhT_gjdQrcawVgfsnr_2RVtTOYRoP-fcR@mail.gmail.com> <1296051184.9984.5.camel@pulse>
In-Reply-To: <1296051184.9984.5.camel@pulse>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Jan 2011 16:02:43 -0000
It's been close to a year and no bite marks. EHL > -----Original Message----- > From: Justin Richer [mailto:jricher@mitre.org] > Sent: Wednesday, January 26, 2011 6:13 AM > To: Marius Scurtescu > Cc: Eran Hammer-Lahav; oauth@ietf.org > Subject: Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.txt > > > 2. Section 8.2. What about applications using legacy parameters? Does > > not make much sense to register them, and they cannot be changed to > > x_. > > I *guarantee* that there will be many noncompliant implementations of this, > built on server frameworks with required parameters on all endpoints. Not > everyone is a Facebook or Google who can just define a new top-level > endpoint with clean parameter space. OAuth2 is going to be integrated into > *existing* systems that already have their allowable extra parameters > carved out, and these systems are not going to change their parameters just > to support OAuth. Once again, I'll say that if the choice comes down to > changing around existing parameters or not supporting OAuth, most people > are going to just not support OAuth. > > > Broken record: using a prefix for all registered parameters is much > > cleaner (as opposed to requiring that all no-registered parameters use > > a prefix). > > And once again, a strong +1 to this, even though I know it's far too late to > make such a breaking change to the spec. I really think this was a bad > decision and is going to come back and bite us in the future. > > -- Justin
- [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.txt Internet-Drafts
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Mike Jones
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Mike Jones
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Anthony Nadalin
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Marius Scurtescu
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Justin Richer
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Justin Richer
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… William Mills
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Skylar Woodward
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Marius Scurtescu
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Marius Scurtescu
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Marius Scurtescu
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… William Mills
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… William Mills
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Richer, Justin P.