On 2011-10-04 03:55, Mike Jones wrote:
As editor, based upon James’ input, I’d like to expand the set of
choices for the working group to consider by adding the possibility of
using JSON string encodings for scope and error_description where the
characters used for the encoding are restricted to the set of 7-bit
ASCII characters compatible with the HTTPbis and RFC 2617 parameter
syntaxes.
1. Using RFC 5987 encoding for the scope parameter.
2. Continuing to specify no non-ASCII encoding for scope parameter values.
3. Using JSON string encoding for the scope parameter.
A. Using RFC 5987 encoding for the error_description parameter.
B. Continuing to specify UTF-8 encoding for the error_description
parameter.
C. Using JSON string encoding for the error_description parameter.
As an individual, I’m sympathetic to the argument that RFC 5987 (with
“scope*” and language tags etc.) is overkill for OAuth implementations,
where neither of the sets of strings is intended to be presented to
end-users. Hence, the possible attractiveness of options 3 and C.
Thoughts from others?
...
How is RFC 5987 encoding overkill, and JSON is not?
Note that if you'd use the \u notation inside a quoted string, you need
to escape the backslashes due to the quoted-string syntax; which is
likely a new source of errors.
Best regards, Julian
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
