Jones
Sent: Wednesday, June 01, 2011 1:15 PM
To: David Recordon; George Fletcher
Cc: paul Tarjan; oauth@ietf.org
Subject: Re: [OAUTH-WG] consistency of token param name in bearer
token
type
If you can drive a consensus decision for the name access_token,
I'd be
glad to change
...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
Of Mike Jones
Sent: Wednesday, June 01, 2011 1:15 PM
To: David Recordon; George Fletcher
Cc: paul Tarjan; oauth@ietf.org
Subject: Re: [OAUTH-WG] consistency of token param name in bearer token
type
If you can drive a consensus decision
-Doug Tangren
http://lessis.me
Just one question:
Is the assumption of the group that bearer tokens are the only type of
tokens to be used in conjunction with URI query parameters? Otherwise, a
mechanism is needed to distinguish bearer and other tokens, e.g. another
parameter (token_type?).
-
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
Of Mike Jones
Sent: Wednesday, June 01, 2011 1:15 PM
To: David Recordon; George Fletcher
Cc: paul Tarjan; oauth@ietf.org
Subject: Re: [OAUTH-WG] consistency of token param name in bearer token
type
If you can
@ietf.org
Betreff: Re: [OAUTH-WG] consistency of token param name in bearer
token type
It should be pretty easy :-)
Anyone objects to changing the parameter name from 'bearer_token' to
'access_token'? Let Mike know by 6/20 or he will make the change.
EHL
-Original Message
@ietf.org
Subject: Re: [OAUTH-WG] consistency of token param name in bearer token
type
If we're changing the bearer token's name, are we going to change the
parameter name inside of MAC as well? At the moment, it's id, which I've
always found an odd naming choice.
I would argue
token_type is defined in the core spec only and indicates the token type
to the client and not the resource server.
So either the core spec defines a way to distinguish token types towards
resource servers (probably by utilizing the token_type parameter) or the
respective schemes (BEARER,
If we're changing the bearer token's name, are we going to change the
parameter name inside of MAC as well? At the moment, it's id, which
I've always found an odd naming choice.
I would argue for consistency across the three main documents.
OAuth2 should be consistent with the
On 15/06/11 02:30, David Recordon wrote:
Bearer token doesn't exist within the core spec around getting an
access token. The term that is used is access token.
Right, I get that Bearer is defined in another draft document (which the
core spec references and probably should not btw, that's
: Wednesday, June 01, 2011 1:15 PM
To: David Recordon; George Fletcher
Cc: paul Tarjan; oauth@ietf.org
Subject: Re: [OAUTH-WG] consistency of token param name in bearer token
type
If you can drive a consensus decision for the name access_token, I'd be
glad to change the name in the spec. I agree
-
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
Of Mike Jones
Sent: Wednesday, June 01, 2011 1:15 PM
To: David Recordon; George Fletcher
Cc: paul Tarjan; oauth@ietf.org
Subject: Re: [OAUTH-WG] consistency of token param name in bearer token
type
If you can drive
-Original Message-
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
Of Mike Jones
Sent: Wednesday, June 01, 2011 1:15 PM
To: David Recordon; George Fletcher
Cc: paul Tarjan; oauth@ietf.org
Subject: Re: [OAUTH-WG] consistency of token param name in bearer token
type
Bearer token doesn't exist within the core spec around getting an
access token. The term that is used is access token.
On Tue, Jun 14, 2011 at 8:12 AM, Bill b...@dehora.net wrote:
On 10/06/11 17:45, David Recordon wrote:
I think it's vital to have the GET and POST parameters make sense to
George, Doug and Eran are you alright with the Bearer token spec using
the parameter name access_token as well?
On Wed, Jun 8, 2011 at 4:50 PM, Marius Scurtescu mscurte...@google.com wrote:
On Wed, Jun 1, 2011 at 1:14 PM, Mike Jones michael.jo...@microsoft.com
wrote:
If you can drive a
I definitely don't want to change the Authorization header naming
scheme. I believe it should stay 'Bearer' because that's what the token
is. We could make it...
Authorization: Bearer access_token=vF9dft4qmT
If that helps with consistency. I don't think we should be associating
the term
-Doug Tangren
http://lessis.me
On Fri, Jun 10, 2011 at 4:20 AM, David Recordon record...@gmail.com wrote:
George, Doug and Eran are you alright with the Bearer token spec using
the parameter name access_token as well?
Consistency is good and less confusing for developers writing generic
+1 :)
On 6/10/11 9:23 AM, Doug Tangren wrote:
I hope hope that if it changes again this time, it doesn't change
again :)!
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
George,
On Jun 10, 2011, at 4:11 PM, George Fletcher wrote:
I definitely don't want to change the Authorization header naming scheme. I
believe it should stay 'Bearer' because that's what the token is. We could
make it...
Authorization: Bearer access_token=vF9dft4qmT
If that helps
] consistency of token param name in bearer token
type
George, Doug and Eran are you alright with the Bearer token spec using the
parameter name access_token as well?
On Wed, Jun 8, 2011 at 4:50 PM, Marius Scurtescu
mscurte...@google.com wrote:
On Wed, Jun 1, 2011 at 1:14 PM, Mike Jones
I think it's vital to have the GET and POST parameters make sense to
every developer. I worry less about the authorization header since a
developer implementing it will honestly be a stronger engineer.
Here's what I said earlier in the thread about my motivation:
Did a full read through of draft
On Fri, Jun 10, 2011 at 9:34 AM, John Kemp j...@jkemp.net wrote:
George,
On Jun 10, 2011, at 4:11 PM, George Fletcher wrote:
I definitely don't want to change the Authorization header naming scheme. I
believe it should stay 'Bearer' because that's what the token is. We could
make it...
: [OAUTH-WG] consistency of token param name in bearer token type
This may have come up before so I'm sorry if I'm repeating. Why does bearer
token spec introduce a new name for oauth2 access tokens [1],
bearer_token, and before that [2], oauth_token?
I apologize if this may sound
: Saturday, May 28, 2011 9:30 AM
Subject: Re: [OAUTH-WG] consistency of token param name in bearer token type
Did a full read through of draft 16 and the bear token spec with Paul
yesterday afternoon in order to do a manual diff from draft 10. The
point Doug raised was actually confusing. Throughout
@ietf.org
Subject: [OAUTH-WG] consistency of token param name in bearer token type
This may have come up before so I'm sorry if I'm repeating. Why does bearer
token spec introduce a new name for oauth2 access tokens [1],
bearer_token, and before that [2], oauth_token?
I apologize if this may
[mailto:oauth-boun...@ietf.org] On Behalf Of
Doug Tangren
Sent: Wednesday, May 11, 2011 10:09 PM
To: oauth@ietf.org
Subject: [OAUTH-WG] consistency of token param name in bearer token type
This may have come up before so I'm sorry if I'm repeating. Why does bearer
token spec introduce a new name
-Doug Tangren
http://lessis.me
On Sat, May 28, 2011 at 12:30 PM, David Recordon record...@gmail.comwrote:
Did a full read through of draft 16 and the bear token spec with Paul
yesterday afternoon in order to do a manual diff from draft 10. The
point Doug raised was actually confusing.
Facebook accepts both access_token and oauth_token today but only
documents access_token. I imagine we'll continue doing the same with
bearer_token until it gets sorted out a bit more. Thus we'd document
access_token but note that oauth_token and bearer_token will also
work. :-\
On Sat, May 28,
...@ietf.org] On Behalf Of Doug
Tangren
Sent: Wednesday, May 11, 2011 10:09 PM
To: oauth@ietf.org
Subject: [OAUTH-WG] consistency of token param name in bearer token type
This may have come up before so I'm sorry if I'm repeating. Why does bearer
token spec introduce a new name for oauth2 access tokens
This may have come up before so I'm sorry if I'm repeating. Why does bearer
token spec introduce a new name for oauth2 access tokens [1],
bearer_token, and before that [2], oauth_token?
I apologize if this may sound shallow but, why introduce a new parameter
name verses sticking with what the
-boun...@ietf.org] On Behalf Of Doug
Tangren
Sent: Wednesday, May 11, 2011 10:09 PM
To: oauth@ietf.org
Subject: [OAUTH-WG] consistency of token param name in bearer token type
This may have come up before so I'm sorry if I'm repeating. Why does bearer
token spec introduce a new name for oauth2
30 matches
Mail list logo
