[OAUTH-WG] OAuth Bearer Token draft
Phil Hunt <phil.hunt@oracle.com> Fri, 25 February 2011 19:39 UTC
Return-Path: <phil.hunt@oracle.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 649223A6831 for <oauth@core3.amsl.com>; Fri, 25 Feb 2011 11:39:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.459
X-Spam-Level:
X-Spam-Status: No, score=-6.459 tagged_above=-999 required=5 tests=[AWL=0.139, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y0HjZkIpoqWB for <oauth@core3.amsl.com>; Fri, 25 Feb 2011 11:39:27 -0800 (PST)
Received: from rcsinet10.oracle.com (rcsinet10.oracle.com [148.87.113.121]) by core3.amsl.com (Postfix) with ESMTP id 86F753A67FB for <oauth@ietf.org>; Fri, 25 Feb 2011 11:39:27 -0800 (PST)
Received: from rcsinet15.oracle.com (rcsinet15.oracle.com [148.87.113.117]) by rcsinet10.oracle.com (Switch-3.4.2/Switch-3.4.2) with ESMTP id p1PJeIhc009449 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <oauth@ietf.org>; Fri, 25 Feb 2011 19:40:20 GMT
Received: from acsmt355.oracle.com (acsmt355.oracle.com [141.146.40.155]) by rcsinet15.oracle.com (Switch-3.4.2/Switch-3.4.1) with ESMTP id p1PDRgfT026926 for <oauth@ietf.org>; Fri, 25 Feb 2011 19:40:18 GMT
Received: from abhmt002.oracle.com by acsmt353.oracle.com with ESMTP id 1088213901298662707; Fri, 25 Feb 2011 11:38:27 -0800
Received: from [192.168.1.8] (/24.85.235.164) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 25 Feb 2011 11:38:26 -0800
From: Phil Hunt <phil.hunt@oracle.com>
Content-Type: multipart/alternative; boundary="Apple-Mail-4-380440985"
Date: Fri, 25 Feb 2011 11:38:24 -0800
Message-Id: <BA70F7F6-D902-4586-A181-CE3566559935@oracle.com>
To: OAuth WG <oauth@ietf.org>
Mime-Version: 1.0 (Apple Message framework v1082)
X-Mailer: Apple Mail (2.1082)
X-Source-IP: acsmt355.oracle.com [141.146.40.155]
X-Auth-Type: Internal IP
X-CT-RefId: str=0001.0A090201.4D6805A2.017C:SCFMA4539814,ss=1,fgs=0
Subject: [OAUTH-WG] OAuth Bearer Token draft
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Feb 2011 19:39:28 -0000
There was some discussion on the type for the authorization header being OAUTH / MAC / BEARER etc. Did we have a resolution? As for section 2.2 and 2.3, should we not have a more neutral solution as well and use "authorization_token" instead of oauth_token. The idea is that the parameter corresponds to the authorization header and NOT the value of it. The value of such a parameter an be an encoded value that corresponds to the authorization header. For example: GET /resource?authorization_token=BEARER+vF9dft4qmT HTTP/1.1 Host: server.example.com instead of GET /resource?oauth_token=vF9dft4qmT HTTP/1.1 Host: server.example.com The concern is that if for some reason you switch to "MAC" tokens, then you have to change parameter names. Why not keep them consistent? Apologies if this was already resolved. Phil phil.hunt@oracle.com
- Re: [OAUTH-WG] OAuth Bearer Token draft William J. Mills
- Re: [OAUTH-WG] OAuth Bearer Token draft William J. Mills
- Re: [OAUTH-WG] OAuth Bearer Token draft William J. Mills
- Re: [OAUTH-WG] OAuth Bearer Token draft William J. Mills
- Re: [OAUTH-WG] OAuth Bearer Token draft Mike Jones
- [OAUTH-WG] OAuth Bearer Token draft Phil Hunt
- Re: [OAUTH-WG] OAuth Bearer Token draft Brian Eaton
- Re: [OAUTH-WG] OAuth Bearer Token draft Phil Hunt
- Re: [OAUTH-WG] OAuth Bearer Token draft Eran Hammer-Lahav
- Re: [OAUTH-WG] OAuth Bearer Token draft Brian Eaton
- Re: [OAUTH-WG] OAuth Bearer Token draft Eran Hammer-Lahav
- Re: [OAUTH-WG] OAuth Bearer Token draft Torsten Lodderstedt
- Re: [OAUTH-WG] OAuth Bearer Token draft Justin Richer
- Re: [OAUTH-WG] OAuth Bearer Token draft Justin Richer
- Re: [OAUTH-WG] OAuth Bearer Token draft Bob Aman
- Re: [OAUTH-WG] OAuth Bearer Token draft Eran Hammer-Lahav
- Re: [OAUTH-WG] OAuth Bearer Token draft William J. Mills
- Re: [OAUTH-WG] OAuth Bearer Token draft Eran Hammer-Lahav
- Re: [OAUTH-WG] OAuth Bearer Token draft Richer, Justin P.
- Re: [OAUTH-WG] OAuth Bearer Token draft Eran Hammer-Lahav
- Re: [OAUTH-WG] OAuth Bearer Token draft Richer, Justin P.
- Re: [OAUTH-WG] OAuth Bearer Token draft Brian Eaton
- Re: [OAUTH-WG] OAuth Bearer Token draft Eran Hammer-Lahav
- Re: [OAUTH-WG] OAuth Bearer Token draft William J. Mills
- Re: [OAUTH-WG] OAuth Bearer Token draft Lukas Rosenstock
- Re: [OAUTH-WG] OAuth Bearer Token draft Richer, Justin P.
- Re: [OAUTH-WG] OAuth Bearer Token draft William J. Mills
- Re: [OAUTH-WG] OAuth Bearer Token draft Richer, Justin P.
- Re: [OAUTH-WG] OAuth Bearer Token draft Phil Hunt
- Re: [OAUTH-WG] OAuth Bearer Token draft Eran Hammer-Lahav
- Re: [OAUTH-WG] OAuth Bearer Token draft Richer, Justin P.
- Re: [OAUTH-WG] OAuth Bearer Token draft Richer, Justin P.
- Re: [OAUTH-WG] OAuth Bearer Token draft Phil Hunt
- Re: [OAUTH-WG] OAuth Bearer Token draft Igor Faynberg
- Re: [OAUTH-WG] OAuth Bearer Token draft Richer, Justin P.
- Re: [OAUTH-WG] OAuth Bearer Token draft Phil Hunt
- Re: [OAUTH-WG] OAuth Bearer Token draft Richer, Justin P.
- Re: [OAUTH-WG] OAuth Bearer Token draft William J. Mills
- Re: [OAUTH-WG] OAuth Bearer Token draft William J. Mills
- Re: [OAUTH-WG] OAuth Bearer Token draft Torsten Lodderstedt
- Re: [OAUTH-WG] OAuth Bearer Token draft Phil Hunt
- Re: [OAUTH-WG] OAuth Bearer Token draft George Fletcher
- Re: [OAUTH-WG] OAuth Bearer Token draft Mike Jones
- Re: [OAUTH-WG] OAuth Bearer Token draft Manger, James H
- Re: [OAUTH-WG] OAuth Bearer Token draft torsten
- Re: [OAUTH-WG] OAuth Bearer Token draft torsten
- Re: [OAUTH-WG] OAuth Bearer Token draft Richer, Justin P.
- Re: [OAUTH-WG] OAuth Bearer Token draft Richer, Justin P.
- Re: [OAUTH-WG] OAuth Bearer Token draft George Fletcher
- Re: [OAUTH-WG] OAuth Bearer Token draft Phil Hunt
- Re: [OAUTH-WG] OAuth Bearer Token draft Mike Jones