Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.txt
Justin Richer <jricher@mitre.org> Wed, 26 January 2011 14:10 UTC
Return-Path: <jricher@mitre.org>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 657AB3A69C7 for <oauth@core3.amsl.com>; Wed, 26 Jan 2011 06:10:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.488
X-Spam-Level:
X-Spam-Status: No, score=-3.488 tagged_above=-999 required=5 tests=[AWL=-0.889, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bBDK6Sx77rqM for <oauth@core3.amsl.com>; Wed, 26 Jan 2011 06:10:04 -0800 (PST)
Received: from smtpksrv1.mitre.org (smtpksrv1.mitre.org [198.49.146.77]) by core3.amsl.com (Postfix) with ESMTP id 3C5103A69C3 for <oauth@ietf.org>; Wed, 26 Jan 2011 06:10:04 -0800 (PST)
Received: from smtpksrv1.mitre.org (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id 9252E21B0AF5; Wed, 26 Jan 2011 09:13:04 -0500 (EST)
Received: from imchub2.MITRE.ORG (imchub2.mitre.org [129.83.29.74]) by smtpksrv1.mitre.org (Postfix) with ESMTP id 8BE7D21B0AF3; Wed, 26 Jan 2011 09:13:04 -0500 (EST)
Received: from [129.83.50.65] (129.83.50.65) by imchub2.MITRE.ORG (129.83.29.74) with Microsoft SMTP Server id 8.2.254.0; Wed, 26 Jan 2011 09:13:04 -0500
From: Justin Richer <jricher@mitre.org>
To: Marius Scurtescu <mscurtescu@google.com>
In-Reply-To: <AANLkTimzOErQhT_gjdQrcawVgfsnr_2RVtTOYRoP-fcR@mail.gmail.com>
References: <20110121004501.28103.96097.idtracker@localhost> <90C41DD21FB7C64BB94121FBBC2E723445A8D61C8E@P3PW5EX1MB01.EX1.SECURESERVER.NET> <90C41DD21FB7C64BB94121FBBC2E723445A8D61CBA@P3PW5EX1MB01.EX1.SECURESERVER.NET> <AANLkTimzOErQhT_gjdQrcawVgfsnr_2RVtTOYRoP-fcR@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
Date: Wed, 26 Jan 2011 09:13:03 -0500
Message-ID: <1296051184.9984.5.camel@pulse>
MIME-Version: 1.0
X-Mailer: Evolution 2.30.3
Content-Transfer-Encoding: 7bit
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Jan 2011 14:10:08 -0000
> 2. Section 8.2. What about applications using legacy parameters? Does > not make much sense to register them, and they cannot be changed to > x_. I *guarantee* that there will be many noncompliant implementations of this, built on server frameworks with required parameters on all endpoints. Not everyone is a Facebook or Google who can just define a new top-level endpoint with clean parameter space. OAuth2 is going to be integrated into *existing* systems that already have their allowable extra parameters carved out, and these systems are not going to change their parameters just to support OAuth. Once again, I'll say that if the choice comes down to changing around existing parameters or not supporting OAuth, most people are going to just not support OAuth. > Broken record: using a prefix for all registered parameters is > much cleaner (as opposed to requiring that all no-registered > parameters use a prefix). And once again, a strong +1 to this, even though I know it's far too late to make such a breaking change to the spec. I really think this was a bad decision and is going to come back and bite us in the future. -- Justin
- [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.txt Internet-Drafts
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Mike Jones
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Mike Jones
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Anthony Nadalin
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Marius Scurtescu
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Justin Richer
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Justin Richer
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… William Mills
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Skylar Woodward
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Marius Scurtescu
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Marius Scurtescu
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Marius Scurtescu
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… William Mills
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Eran Hammer-Lahav
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… William Mills
- Re: [OAUTH-WG] I-D Action:draft-ietf-oauth-v2-12.… Richer, Justin P.