Re: [OAUTH-WG] draft-richer-oauth-introspection-03

Thu, 07 Mar 2013 10:38:45 -0800 

> ...but I see no reason that these two items couldn't be incorporated 
with the same language and semantics.

That's great.  "token_type_hint" is something that could be helpful to 
implementations.





Todd Lainhart
Rational software
IBM Corporation
550 King Street, Littleton, MA 01460-1250
1-978-899-4705
2-276-4705 (T/L)
lainh...@us.ibm.com




From:   Justin Richer <jric...@mitre.org>
To:     Todd W Lainhart/Lexington/IBM@IBMUS, 
Cc:     IETF oauth WG <oauth@ietf.org>
Date:   03/07/2013 11:28 AM
Subject:        Re: [OAUTH-WG] draft-richer-oauth-introspection-03



I hadn't set out to make the introspection draft parallel to the 
revocation draft, but I see no reason that these two items couldn't be 
incorporated with the same language and semantics.

 -- Justin


On 03/07/2013 10:23 AM, Todd W Lainhart wrote:
I forgot to include the "token_type_hint" parameter in the baseline 
compare (i.e. revocation includes it as optional, introspection does not).




Todd Lainhart
Rational software
IBM Corporation
550 King Street, Littleton, MA 01460-1250
1-978-899-4705
2-276-4705 (T/L)
lainh...@us.ibm.com





From:        Todd W Lainhart/Lexington/IBM@IBMUS 
To:        "IETF oauth WG" <oauth@ietf.org>, 
Date:        03/07/2013 10:17 AM 
Subject:        [OAUTH-WG] draft-richer-oauth-introspection-03 
Sent by:        oauth-boun...@ietf.org 



Hi Justin - 

I'm comparing: 

http://tools.ietf.org/html/draft-richer-oauth-introspection-03 

...with: 

http://tools.ietf.org/html/draft-ietf-oauth-revocation-05 

for symmetry. 

If that's appropriate, and if I use revocation as the baseline, I'm 
wondering why introspection supports GET in addition to POST, and doesn't 
require TLS (i.e. revocation only supports POST, and requires TLS).



Todd Lainhart
Rational software
IBM Corporation
550 King Street, Littleton, MA 01460-1250
1-978-899-4705
2-276-4705 (T/L)
lainh...@us.ibm.com

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth



_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth



_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to