Re: [OAUTH-WG] OAuth vs OAuth2 in Authorization header

Torsten Lodderstedt Wed, 14 Jul 2010 23:23:12 -0700

+1 for "OAuth2"

Brian Eaton schrieb:

Draft 10 switched from "Token" scheme in the authorization header to
"OAuth".  I'd rather we didn't reuse OAuth.  'OAuth2' would be great.
"Token" is ugly as sin, but is better than "OAuth".


Spec section: http://tools.ietf.org/html/draft-ietf-oauth-v2-10#page-30

The problem with reusing "OAuth" is that there are existing
implementations in the wild that have special behavior implemented for
OAuth authorization headers.  Since OAuth2 headers don't have the same
semantics, we're going to break those implementations.  We shouldn't
reuse "OAuth" for the same reasons we shouldn't reuse "Negotiate",
"NTLM", "Digest", or "Basic.

Cheers,
Brian
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Re: [OAUTH-WG] OAuth vs OAuth2 in Authorization header

Reply via email to