Re: [OAUTH-WG] AD review of draft-ietf-oauth-revocation-06

2013-04-12 Thread Stephen Farrell
Hiya, On 04/12/2013 10:03 PM, Justin Richer wrote: > Hi Stephen, > > I didn't respond as I didn't have anything to add to your comments, but > what little details I have are inline. Thanks:-) > On 04/12/2013 04:53 PM, Stephen Farrell wrote: >> Hi, >> >> I'm surprised there've been no responses

Re: [OAUTH-WG] AD review of draft-ietf-oauth-revocation-06

2013-04-12 Thread Justin Richer
Hi Stephen, I didn't respond as I didn't have anything to add to your comments, but what little details I have are inline. On 04/12/2013 04:53 PM, Stephen Farrell wrote: Hi, I'm surprised there've been no responses. I thought there was more interest in this one. Ta, S. On 04/09/2013 06:27

Re: [OAUTH-WG] AD review of draft-ietf-oauth-revocation-06

2013-04-12 Thread Stephen Farrell
Hi, I'm surprised there've been no responses. I thought there was more interest in this one. Ta, S. On 04/09/2013 06:27 PM, Stephen Farrell wrote: > > Hi, > > I've done my AD review of this draft. I have two quick questions > I'd like to get answered before I start IETF LC. Depending on the >

Re: [OAUTH-WG] Registration: Scope Values

2013-04-12 Thread Donald F Coffin
Justin, Thanks for the clarification. Best regards, Don Donald F. Coffin Founder/CTO REMI Networks 22751 El Prado Suite 6216 Rancho Santa Margarita, CA 92688-3836 Phone: (949) 636-8571 Email: donald.cof...@reminetworks.com

Re: [OAUTH-WG] Registration: Scope Values

2013-04-12 Thread Justin Richer
The question refers to the Dynamic Registration draft specifically, since that's what's still editable. RFC6749 treats scopes as bags of strings that are specific to the API that they're protecting, which lets them be either static strings or expressions (or, really, whatever you like them to b

Re: [OAUTH-WG] Registration: Scope Values

2013-04-12 Thread Donald F Coffin
+1 Best regards, Don Donald F. Coffin Founder/CTO REMI Networks 22751 El Prado Suite 6216 Rancho Santa Margarita, CA 92688-3836 Phone: (949) 636-8571 Email: donald.cof...@reminetworks.com From: Mike Jones [mailto:michael.jo

Re: [OAUTH-WG] Registration: Scope Values

2013-04-12 Thread Donald F Coffin
+1 Best regards, Don Donald F. Coffin Founder/CTO REMI Networks 22751 El Prado Suite 6216 Rancho Santa Margarita, CA 92688-3836 Phone: (949) 636-8571 Email: donald.cof...@reminetworks.com From: Tim Bray [mailto:twb...@googl

Re: [OAUTH-WG] Registration: Scope Values

2013-04-12 Thread Mike Jones
Tim, if you look at the scope examples in http://tools.ietf.org/html/rfc6750#section-3, you’ll see that one of them, from the Open Authentication Technology Committee (OATC) Online Multimedia Authorization Protocol [OMAP], does use non-static scope values to convey parameters: scope="urn:exampl

Re: [OAUTH-WG] Registration: Scope Values

2013-04-12 Thread Tim Bray
Speaking for myself, I have considerable concern about Turing-complete programming languages starting to emerge inside scope strings, which I think is probably a symptom of bad engineering. I really like the idea of specifying the scopes you’re going to ask for at registration time, and if that al

[OAUTH-WG] Registration: Scope Values

2013-04-12 Thread Justin Richer
Currently, the Dynamic Registration draft defines a "scope" value as part of the client metadata table, with the following definition: scope OPTIONAL. Space separated list of scope values (as described in OAuth 2.0Section 3.3 [RFC6749]

Re: [OAUTH-WG] For facebook desktop application acces tocken

2013-04-12 Thread Justin Richer
This is a question better directed at Facebook's developers community since it's more specific to Facebook's API. I would suggest posting your question to StackOverflow: http://stackoverflow.com/ -- Justin On 04/08/2013 07:39 AM, ECS ACCENTURE wrote: Hi, I am following this link : http://d

[OAUTH-WG] For facebook desktop application acces tocken

2013-04-12 Thread ECS ACCENTURE
Hi, I am following this link : http://developers.facebook.com/docs/opengraph/howtos/publishing-with-app-token/ to generate permanent access tocken for my web application. HTTP GET request: https://graph.facebook.com/oauth/access_token? client_id=YOUR_APP_ID &client_secret=

Re: [OAUTH-WG] For facebook desktop application acces tocken

2013-04-12 Thread ECS ACCENTURE
> Hi, > > I am following this link : > http://developers.facebook.com/docs/opengraph/howtos/publishing-with-app-token/ > to generate permanent access tocken for my web application. > > HTTP GET request: > https://graph.facebook.com/oauth/access_token? > client_id=YOUR_APP_ID >