To clarify what I said there: 22-chars (128 bits) seems like way more than
enough for a lower limit when using the "plain" challenge method. When
using the "S256" challenge method, exactly 43 char (256 bits) should
probably always be used.
On Thu, Feb 5, 2015 at 11:09 AM, Brian Campbell
wrote:
>
Yes the current draft has 43 to 128 characters unreserved 43*128unreserved
You can blame me for a lot of things but ABNF is not one of them:)
John B.
> On Feb 5, 2015, at 5:54 PM, Bill Mills wrote:
>
> Ah, BNF builtin parser error, that's 42*128. I had parsed that as
> 128unreserved as t
Ah, BNF builtin parser error, that's 42*128. I had parsed that as
128unreserved as the name.
On Thursday, February 5, 2015 12:47 PM, John Bradley
wrote:
We are discussing the minimum size, the max is currently 128 characters.
On Feb 5, 2015, at 5:11 PM, Bill Mills wrote:
Is the
We are discussing the minimum size, the max is currently 128 characters.
> On Feb 5, 2015, at 5:11 PM, Bill Mills wrote:
>
> Is there a compelling reason to make that length fixed?
>
>
>
> On Thursday, February 5, 2015 10:10 AM, Brian Campbell
> wrote:
>
>
> 22-chars (128 bits) as a l
Is there a compelling reason to make that length fixed?
On Thursday, February 5, 2015 10:10 AM, Brian Campbell
wrote:
22-chars (128 bits) as a lower limit seems just fine for this case.
"ccm" works for me but I don't feel strongly about it either way.
On Thu, Feb 5, 2015 at 9:
22-chars (128 bits) as a lower limit seems just fine for this case.
"ccm" works for me but I don't feel strongly about it either way.
On Thu, Feb 5, 2015 at 9:49 AM, John Bradley wrote:
> Inline
>
>
> > On Feb 4, 2015, at 10:43 PM, Manger, James <
> james.h.man...@team.telstra.com> wrote:
> >
Inline
> On Feb 4, 2015, at 10:43 PM, Manger, James
> wrote:
>
>>Title : Proof Key for Code Exchange by OAuth Public Clients
>> Filename: draft-ietf-oauth-spop-09.txt
>> https://tools.ietf.org/html/draft-ietf-oauth-spop-09
>
>
> Some nits on this draft:
>
> 1. 42
2015-02-05 10:43 GMT+09:00 Manger, James :
> > Title : Proof Key for Code Exchange by OAuth Public Clients
> > Filename: draft-ietf-oauth-spop-09.txt
> > https://tools.ietf.org/html/draft-ietf-oauth-spop-09
>
>
> Some nits on this draft:
>
> 1. 42 chars.
> The lower lim
> Title : Proof Key for Code Exchange by OAuth Public Clients
> Filename: draft-ietf-oauth-spop-09.txt
> https://tools.ietf.org/html/draft-ietf-oauth-spop-09
Some nits on this draft:
1. 42 chars.
The lower limit of 42 chars for code_verifier: is not mentioned in prose
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol Working Group of
the IETF.
Title : Proof Key for Code Exchange by OAuth Public Clients
Authors : Nat Sakimura
10 matches
Mail list logo
