On Fri, Sep 23, 2011 at 7:00 AM, Mike Jones <michael.jo...@microsoft.com> wrote:
> James Manger and others pointed out that the current credentials syntax does
> not comply with RFC 2617, nor does it match the updated credentials syntax
> contained in HTTPbis, part 7: Authentication. The current syntax in the
> bearer token draft is:
>
> credentials = "Bearer" RWS access-token
>
> access-token = 1*( quoted-char / <"> )
>
>
>
> quoted-char = ALPHA / DIGIT /
>
> "!" / "#" / "$" / "%" / "&" / "'" / "(" / ")" /
>
> "*" / "+" / "-" / "." / "/" / ":" / "<" / "=" /
>
> ">" / "?" / "@" / "[" / "]" / "^" / "_" / "`" /
>
> "{" / "|" / "}" / "~" / "\" / "," / ";"
>
>
>
> The syntax in HTTPbis is:
>
> credentials = auth-scheme [ 1*SP ( b64token / #auth-param ) ]
>
>
>
> (Note that some of the BNF elements used by part 7 are defined in HTTPbis,
> part 1: Messaging.)
>
>
>
> To resolve this comment, I plan to change the Bearer Token draft to use this
> syntax for credentials, matching HTTPbis:
>
> credentials = "Bearer" 1*SP ( b64token / #auth-param )
>
>
>
> Are people good with this approach?
+1
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
