On 2010-06-22, at 11:07 PM, Tschofenig, Hannes (NSN - FI/Espoo) wrote: > " > scope > OPTIONAL. The scope of the access request expressed as a list > of space-delimited strings. The value of the "scope" parameter > is defined by the authorization server. If the value contains > multiple space-delimited strings, their order does not matter, > and each string adds an additional access range to the > requested scope. > " > > Do folks think it would be useful to have standardized values?
Not at this time. The semantics of scope are all over the place. If standardized, people will feel they need to pick one that is close to what they want, but is not exactly what they mean. I think it is better for the AS to define what they mean by a scope and give it a name that makes sense in that context. > > If the answer is "yes", then it would be useful to differentiate the > standardized values from those values that are purely defined locally by > the authorization server. _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
