Re: [OAUTH-WG] OAuth 2.0 Token Upgrade Extension

Thu, 02 Sep 2010 13:22:05 -0700 

> Because 2.0 deployments are not likely 
> to share the same credentials

Ok I understand, so that's "the value of which is the.." piece. I'm not
clear we can say one way or another which credentials are supplied, but
if that's the assumption/desire, then perhaps the ID should document
it. 

In any case, I believe references to the 1.0 protocol should refer to
the RFC.

Bill


On Tue, 2010-08-31 at 11:12 -0700, Eran Hammer-Lahav wrote:
> Because 2.0 deployments are not likely to share the same credentials
> with 1.0, or at least it is not something I would like to suggest.
> This is a new protocol.
> 
> EHL
> 
> 
> On 8/31/10 3:12 AM, "b...@dehora.net" <b...@dehora.net> wrote:
> 
>         Why not?
>         
>         Bill
>         
>         On Mon, 2010-08-30 at 10:10 -0700, Eran Hammer-Lahav wrote:
>         > It does not need to have any normative references to 5849.
>         >
>         > EHL
>         >
>         > -----Original Message-----
>         > From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org]
>         On Behalf Of Bill de hÓra
>         > Sent: Monday, August 30, 2010 5:47 AM
>         > To: David Recordon
>         > Cc: Tschofenig, Hannes (NSN - FI/Espoo); OAuth WG
>         > Subject: Re: [OAUTH-WG] OAuth 2.0 Token Upgrade Extension
>         >
>         > On Fri, 2010-08-27 at 20:26 +0000, David Recordon wrote:
>         > > This draft is now an Internet Draft and I'm curious if
>         anyone has any
>         > > feedback on it?
>         > >
>         http://tools.ietf.org/html/draft-recordon-oauth-v2-upgrade-00
>         > >
>         >
>         > replace
>         >
>         > [[[
>         > client_id
>         >       REQUIRED.  The client identifier as described in
>         Section 2 of
>         >       [I-D.ietf.oauth-v2].
>         >
>         >    client_secret
>         >       REQUIRED.  The client secret as described in Section 2
>         of
>         >       [I-D.ietf.oauth-v2].
>         > ]]]
>         >
>         > with
>         >
>         > {{{
>         > client_id
>         >       REQUIRED.  The client identifier as described in
>         Section 2 of
>         >       [I-D.ietf.oauth-v2], the value of which is the
>         oauth_consumer_key
>         >       as described in [@@@rfc5849]
>         >
>         >    client_secret
>         >       REQUIRED.  The client secret as described in Section 2
>         of
>         >       [I-D.ietf.oauth-v2],the value of which is the
>         shared-secret
>         >       as described in "3.4 Signature" of [@@@rfc5849] }}}
>         >
>         > The draft needs to reference rfc5849 rather than OAuth 1.0.
>         >
>         > Bill
>         >
>         >
>         >
>         > _______________________________________________
>         > OAuth mailing list
>         > OAuth@ietf.org
>         > https://www.ietf.org/mailman/listinfo/oauth
>         
>         
>         


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to