> -----Original Message----- > From: Mike Jones [mailto:[email protected]] > Sent: Thursday, March 31, 2011 11:31 AM > To: Eran Hammer-Lahav; OAuth WG > Subject: RE: Error extensibility proposal > > I object to this proposal on two grounds: > > First, changing some of the "error" return codes to HTTP numbers is an > unnecessary and unsolicited breaking change at a time that we should be > stabilizing the spec.
No errors were changed! Merely, a few potential errors were added, some match your very own examples! To call this breaking changes is untrue and ridiculous. In particular coming from someone advocating error extensibility. You have to see the total absurdity of your argument here. > Second, the OAuth Errors registry is simpler How is it simpler? It requires double registration for all the use cases raised while my proposal makes it a trivial matter (just adding a field to an existing registration request). > and follows IETF standard practices. Both are registries and both common IETF practice. If you are going to use process arguments, you need to make sure they are both accurate and complete. > I know of no other specification where a parameters registry is > overloaded in this manner. This is not overloading anything. Again, get your facts right. The use cases clearly show that there are only two kinds of additional errors required: matching HTTP codes to non 400/401 cases and those related to extensions which are all implemented via the introduction of additional parameters. In this case, the error is merely an attribute of the parameter added, nothing more. If you show a valid use case for other requirements, such that require the registration of an error without a matching HTTP code or an extension parameter, I'll reconsider the design proposed. Since you have failed to even defend your own examples previously posted, I'm going to ignore this objection on the ground that it is without merit. EHL _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
