I recall there being consensus on the space delimiter to make it so that URIs could be used easily as scope parameters. I know that I, personally, would rather have keywords in our implementation than URIs, so I'm very much in favor of keeping it unspecified.
-- justin On Thu, 2010-06-24 at 03:49 -0400, Lukas Rosenstock wrote: > Wasn't there some concensus that URIs would be good for scope? They > have "in-built namespacing" ... > > Lukas > > 2010/6/23 Dick Hardt <dick.ha...@gmail.com>: > > > > On 2010-06-22, at 11:07 PM, Tschofenig, Hannes (NSN - FI/Espoo) wrote: > > > >> " > >> scope > >> OPTIONAL. The scope of the access request expressed as a list > >> of space-delimited strings. The value of the "scope" parameter > >> is defined by the authorization server. If the value contains > >> multiple space-delimited strings, their order does not matter, > >> and each string adds an additional access range to the > >> requested scope. > >> " > >> > >> Do folks think it would be useful to have standardized values? > > > > Not at this time. The semantics of scope are all over the place. If > > standardized, people will feel they need to pick one that is close to what > > they want, but is not exactly what they mean. I think it is better for the > > AS to define what they mean by a scope and give it a name that makes sense > > in that context. > > > >> > >> If the answer is "yes", then it would be useful to differentiate the > >> standardized values from those values that are purely defined locally by > >> the authorization server. > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
