[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[OAUTH-WG] Reviewers Needed: draft-hammer-oauth-03

From: Eran Hammer-Lahav <eran at hueniverse.com>
To: "oauth at ietf.org" <oauth at ietf.org>
Date: Thu, 29 Oct 2009 23:41:06 -0700

This just came up on the other list. I will fix this in the draft before publication.

I am looking for a couple of people to proof read the draft with Core 1.0a (original copy http://oauth.net/core/1.0a) side by side and look for problems. At this point I don't know of anyone (other than me) who actually checked the draft fully. Please help!

EHL

-----Original Message-----
From: oauth at googlegroups.com [mailto:oauth at googlegroups.com] On Behalf Of Eran Hammer-Lahav
Sent: Thursday, October 29, 2009 11:39 PM
To: oauth at googlegroups.com
Subject: [oauth] Re: oauth_callback when using Authorization header?


This is a good question.

I assume you are reading the latest version (draft-hammer-oauth-03):
http://tools.ietf.org/html/draft-hammer-oauth-03#section-4.1

It is more clear in the original version (http://oauth.net/core/1.0a) where all the parameter are listed together. I will correct that before the RFC publication. Thanks!

EHL


> -----Original Message-----
> From: oauth at googlegroups.com [mailto:oauth at googlegroups.com] On Behalf
> Of Stephen McKamey
> Sent: Thursday, October 29, 2009 5:47 PM
> To: OAuth
> Subject: [oauth] oauth_callback when using Authorization header?
> 
> 
> The OAuth 1.0a spec is a little unclear about this so I thought I'd
> ask. When sending oauth params via the Authorization header, where
> does oauth_callback go? With the rest of the OAuth params in the
> header, or where the API params would go (i.e. query string or post
> data)?
> 
> HTTP Auth header feels like the right choice (keep all "oauth_"
> together) but there isn't a definitive answer in the spec.
> 
> 

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "OAuth" group.
To post to this group, send email to oauth at googlegroups.com
To unsubscribe from this group, send email to oauth+unsubscribe at googlegroups.com
For more options, visit this group at http://groups.google.com/group/oauth?hl=en
-~----------~----~----~----~------~----~------~--~---

Prev by Date: [OAUTH-WG] FW: Join the MashSSL Incubator Group (Call for Participation)
Next by Date: [OAUTH-WG] RSA signing and web delegation
Previous by thread: [OAUTH-WG] FW: Join the MashSSL Incubator Group (Call for Participation)
Next by thread: [OAUTH-WG] RSA signing and web delegation
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.