On Wed, Oct 19, 2011 at 11:15 AM, William Mills <wmi...@yahoo-inc.com> wrote: >> Is this covering all characters allowed in a URI? Why >> not define scopes as a list of URIs? > I'd rather not do this because people will presume unless we add even more > text to explain it that they need to have the form scheme://host/path or > some such.
Which is not necessarily a bad thing. It allows systems to scale and interoperate. > It's an opportunity to bloat scopes far out of proportion to > what is actually needed. > > ________________________________ > From: Marius Scurtescu <mscurte...@google.com> > To: Julian Reschke <julian.resc...@gmx.de> > Cc: OAuth WG <oauth@ietf.org> > Sent: Wednesday, October 19, 2011 10:23 AM > Subject: Re: [OAUTH-WG] draft-ietf-oauth-v2-bearer-09: Open Issues & > Proposed Resolutions > > Marius > > > > On Tue, Oct 18, 2011 at 9:39 AM, Julian Reschke <julian.resc...@gmx.de> > wrote: >> On 2011-10-18 17:38, Eran Hammer-Lahav wrote: >>> >>> Space is allowed inside a quoted string and is already not allowed inside >>> each scope string. >>> >>> EHL >>> ... >> >> a) yes. >> >> b) well: >> >> The value of the scope parameter is expressed as a list of space- >> delimited, case sensitive strings. The strings are defined by the >> authorization server. If the value contains multiple space-delimited >> strings, their order does not matter, and each string adds an >> additional access range to the requested scope. >> >> That certainly implies that you can't have a space inside a token, but it >> could be clearer. >> >> Optimally, state the character repertoire precisely: >> >> scopetokenchar = %x21 / %x23-5B / %x5D-7E >> ; HTTPbis P1 qdtext except whitespace, restricted to US-ASCII >> >> ? > > Is this covering all characters allowed in a URI? Why not define > scopes as a list of URIs? > >> >> Best regards, Julian >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
