Re: [OAUTH-WG] RFC 7592 - Client Update Request omitted fields

2020-03-04 Thread Justin Richer
I can see the confusion in interpreting these requirements together. However, this is giving a specific semantics to omitted fields such that they’re treated as included in a specific way — with a null value. The intent of “include everything” is that you don’t leave out values and expect them

Re: [OAUTH-WG] RFC 7592 - Client Update Request omitted fields

2020-03-04 Thread Filip Skokan
I guess what i meant to call out is that while you and the spec says how omitted fields should be handled, but in the same section earlier it states that all fields must be included. S pozdravem, *Filip Skokan* On Wed, 4 Mar 2020 at 17:35, Justin Richer wrote: > I’m not sure what you’re

Re: [OAUTH-WG] RFC 7592 - Client Update Request omitted fields

2020-03-04 Thread Filip Skokan
Got it, thanks! Best, Filip On Wed, 4 Mar 2020 at 17:35, Justin Richer wrote: > I’m not sure what you’re asking — the text is not left over from anything > and is intentionally included. That text is saying that if I leave out the > field then the server treats it just like as if I had sent

Re: [OAUTH-WG] RFC 7592 - Client Update Request omitted fields

2020-03-04 Thread Justin Richer
I’m not sure what you’re asking — the text is not left over from anything and is intentionally included. That text is saying that if I leave out the field then the server treats it just like as if I had sent in a null value. So the following are equivalent: { “client_name”: “foo”,

Re: [OAUTH-WG] RFC 7592 - Client Update Request omitted fields

2020-03-04 Thread Filip Skokan
So the following Omitted fields MUST be treated as null or empty values by the server, > indicating the client's request to delete them from the client's > registration. Does not mean the server needs to accept requests where fields are omitted? Is that a left over from previous drafts then? S

Re: [OAUTH-WG] RFC 7592 - Client Update Request omitted fields

2020-03-04 Thread Justin Richer
Your interpretation was our intent with that. It’s a full replace of the object. We had debating having PATCH style semantics, but ultimately decided that that was too complex for the most common update actions that a client would have. — Justin > On Mar 3, 2020, at 8:42 AM, Filip Skokan

[OAUTH-WG] RFC 7592 - Client Update Request omitted fields

2020-03-03 Thread Filip Skokan
Hello everyone, Section 2.2 of RFC 7592 (Dynamic Client Registration Management Protocol) has the following two statements that oppose one another. This request MUST include all client metadata fields as returned to the > client from a previous