Re: [OAUTH-WG] FYI - Text resolving DISCUSS issue about Bearer URI Query Parameter method

Thanks, Eran - I was just about to ask about that. On 24/05/2012, at 4:53 PM, Eran Hammer wrote: > I don't care about this either way, but 'explicitly rejected' is an > over-reach. I have not seen the chairs make a consensus call about that, or > even formally ask the list. > > EH > > >> -

Re: [OAUTH-WG] FYI - Text resolving DISCUSS issue about Bearer URI Query Parameter method

I don't care about this either way, but 'explicitly rejected' is an over-reach. I have not seen the chairs make a consensus call about that, or even formally ask the list. EH > -Original Message- > From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf > Of Mike Jones >

Re: [OAUTH-WG] FYI - Text resolving DISCUSS issue about Bearer URI Query Parameter method

The query parameter method was not moved to an appendix, for the reasons that Dick and you stated. The reality is, that it's the most used method, and it would be a disservice to developers not to describe it in the body of the spec (with appropriate caveats, of course).

Re: [OAUTH-WG] FYI - Text resolving DISCUSS issue about Bearer URI Query Parameter method

Yes, putting the query parameter method into an appendix was considered and explicitly rejected. Dick Hardt wrote about these issues in the discussions that led to this decision, and I'll take the liberty of quoting him, as I believe he explained it well: "The reality is that the world is a me

Re: [OAUTH-WG] FYI - Text resolving DISCUSS issue about Bearer URI Query Parameter method

RFCs tend to last longer than 18 months. And many companies. Thanks, On 24/05/2012, at 4:46 PM, David Recordon wrote: > I'm confused by this change given the access_token (or oauth_token) parameter > being the most widely deployed usage of the protocol over the past eighteen > months: > > *

Re: [OAUTH-WG] FYI - Text resolving DISCUSS issue about Bearer URI Query Parameter method

I'm confused by this change given the access_token (or oauth_token) parameter being the most widely deployed usage of the protocol over the past eighteen months: * https://developers.facebook.com/docs/reference/api/ * https://developers.google.com/accounts/docs/OAuth2WebServer#callinganapi * ht

Re: [OAUTH-WG] Error Encoding: Conclusion

With the exception of section 7.2, the changes look reasonable and will be applied in the next revision. The new section 7.2 is confusion and does not explain the new registry. The section introduces a new requirement to register 'any error codes defined for use with OAuth resource access metho

Re: [OAUTH-WG] Error Encoding: Conclusion

Honestly still trying to fully wrap my head around what's going on here since it seems far more complex than the threads are alluding to. In any case, does Mike's text address what Eran brought up as needed in the thread Hannes referenced or is Eran wrong? The core spec currently provides full gui

Re: [OAUTH-WG] FYI - Text resolving DISCUSS issue about Bearer URI Query Parameter method

On 2012-05-18 09:15, Julian Reschke wrote: ... Did you consider to *also* move the whole section into an appendix, so that it's status is also reflected by the document structure? Best regards, Julian Hi, it would be awesome to see feedback on this (it has been mentioned during IETF LC multip

[OAUTH-WG] Initial Standards Track JSON Web Token (JWT) Specifications

The JSON Web Token (JWT) specification and the OAuth 2.0 JWT Bearer Token Profiles specification are now IETF standards track documents in the OAuth working group

[OAUTH-WG] Error Encoding: Conclusion

Hi all, on May 10th we called for consensus on an open issue regarding the error encoding. Here is the link to the call: http://www.ietf.org/mail-archive/web/oauth/current/msg08994.html Thank you all for the feedback. The conclusion of the consensus call was to harmonize the encoding between

Re: [OAUTH-WG] Encoding of Errors in the Base and in the Bearer Spec

I am the shepherd for the bearer specification. On May 11, 2012, at 4:57 PM, Eran Hammer wrote: > Ok. Would the document shepherd for the bearer specification please raise > your hand? > > EH > >> -Original Message- >> From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Be

[OAUTH-WG] I-D Action: draft-ietf-oauth-dyn-reg-00.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol Working Group of the IETF. Title : OAuth Dynamic Client Registration Protocol Author(s) : Thomas Hardjono

[OAUTH-WG] I-D Action: draft-ietf-oauth-use-cases-00.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol Working Group of the IETF. Title : OAuth Use Cases Author(s) : George Fletcher Torsten Loddersted

[OAUTH-WG] I-D Action: draft-ietf-oauth-json-web-token-00.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol Working Group of the IETF. Title : JSON Web Token (JWT) Author(s) : Michael B. Jones John Bradley

[OAUTH-WG] I-D Action: draft-ietf-oauth-jwt-bearer-00.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol Working Group of the IETF. Title : JSON Web Token (JWT) Bearer Token Profiles for OAuth 2.0 Author(s) : Michael B. Jones