Re: [OAUTH-WG] Error Registry Consensus Call

Eran Hammer <eran@hueniverse.com> Mon, 07 May 2012 23:22 UTC

Return-Path: <eran@hueniverse.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E95EE9E8002 for <oauth@ietfa.amsl.com>; Mon, 7 May 2012 16:22:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.535
X-Spam-Level:
X-Spam-Status: No, score=-2.535 tagged_above=-999 required=5 tests=[AWL=0.064, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RkO+iiQ5BHPI for <oauth@ietfa.amsl.com>; Mon, 7 May 2012 16:22:58 -0700 (PDT)
Received: from p3plex2out02.prod.phx3.secureserver.net (p3plex2out02.prod.phx3.secureserver.net [184.168.131.14]) by ietfa.amsl.com (Postfix) with ESMTP id 2E5709E8004 for <oauth@ietf.org>; Mon, 7 May 2012 16:22:57 -0700 (PDT)
Received: from P3PWEX2HT002.ex2.secureserver.net ([184.168.131.10]) by p3plex2out02.prod.phx3.secureserver.net with bizsmtp id 7BNu1j0010Dcg9U01BNup4; Mon, 07 May 2012 16:22:54 -0700
Received: from P3PWEX2MB008.ex2.secureserver.net ([169.254.8.88]) by P3PWEX2HT002.ex2.secureserver.net ([184.168.131.10]) with mapi id 14.02.0247.003; Mon, 7 May 2012 16:22:54 -0700
From: Eran Hammer <eran@hueniverse.com>
To: John Bradley <ve7jtb@ve7jtb.com>, Hannes Tschofenig <Hannes.Tschofenig@gmx.net>
Thread-Topic: [OAUTH-WG] Error Registry Consensus Call
Thread-Index: AQHNLKOIX0E3b1HWEkWa/Y91Xa0KqJa/a9iA//+K+5A=
Date: Mon, 7 May 2012 23:22:53 +0000
Message-ID: <0CBAEB56DDB3A140BA8E8C124C04ECA201021FC4@P3PWEX2MB008.ex2.secureserver.net>
References: <53E17703-C3BD-48A1-8CB6-BD0D3795DD77@gmx.net> <054E3D0C-8AFC-4585-8ED3-14348E25C4D0@ve7jtb.com>
In-Reply-To: <054E3D0C-8AFC-4585-8ED3-14348E25C4D0@ve7jtb.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [64.74.213.174]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "oauth@ietf.org WG" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Error Registry Consensus Call
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 May 2012 23:22:59 -0000

Why? What's the gain here? The only purpose of the registry is to avoid namespace collision. There can be no collision between the core specification and the bearer specification. They are describing completely different things. IANA does all the work anyway, and they two registry CAN share one review mailing list.

EH

> -----Original Message-----
> From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf
> Of John Bradley
> Sent: Monday, May 07, 2012 4:20 PM
> To: Hannes Tschofenig
> Cc: oauth@ietf.org WG
> Subject: Re: [OAUTH-WG] Error Registry Consensus Call
> 
> b)  Unless we remove the OAuth specific errors from bearer it should be in
> oath-v2.
> 
> One registry is preferable.
> 
> John B.
> On 2012-05-07, at 6:48 PM, Hannes Tschofenig wrote:
> 
> > Hi all,
> >
> > there is an open issue concerning draft-ietf-oauth-v2-bearer-19 that may
> impact draft-ietf-oauth-v2-26 (depending on it's resolution) and we would
> like to get feedback from the working group about it.
> >
> > Here is the issue: When a client makes an access to a protected resources
> then things may go wrong and an error may be returned in response. draft-
> ietf-oauth-v2-bearer talks about this behavior.
> >
> > That's great but these error codes need to be registered somewhere. Note
> that the registry can be created in one document while the values can be
> registered by many documents.
> >
> > So, where should the registry be?
> >
> > There are two choices.
> >
> > a) A new OAuth errors registry goes into draft-ietf-oauth-v2-bearer.
> >
> > b) draft-ietf-oauth-v2 expands the scope of the existing OAuth Errors
> registry to encompass errors returned from resource servers.
> >
> > Currently, draft-ietf-oauth-v2 creates registries for error codes only for the
> exchanges from A-to-D (symbols used from Figure 1 of draft-ietf-oauth-v2),
> but excludes registration of errors from flows E-F.
> >
> > We must create a registry for error codes from flows E-F.  In which
> document do we want to create this registry?
> >
> > So, give us your feedback whether you have a preference by the end of
> the week.
> >
> > Ciao
> > Hannes & Derek
> >
> > _______________________________________________
> > OAuth mailing list
> > OAuth@ietf.org
> > https://www.ietf.org/mailman/listinfo/oauth