Token makes sense in the context of provisioning a more general token auth header which we overload on. That said I'm glad we're getting simpler.
> -----Original Message----- > From: [email protected] [mailto:[email protected]] > On Behalf Of Brian Eaton > Sent: Wednesday, July 14, 2010 10:39 PM > To: [email protected] > Subject: [OAUTH-WG] OAuth vs OAuth2 in Authorization header > > Draft 10 switched from "Token" scheme in the authorization > header to "OAuth". I'd rather we didn't reuse OAuth. > 'OAuth2' would be great. > "Token" is ugly as sin, but is better than "OAuth". > > Spec section: > http://tools.ietf.org/html/draft-ietf-oauth-v2-10#page-30 > > The problem with reusing "OAuth" is that there are existing > implementations in the wild that have special behavior > implemented for OAuth authorization headers. Since OAuth2 > headers don't have the same semantics, we're going to break > those implementations. We shouldn't reuse "OAuth" for the > same reasons we shouldn't reuse "Negotiate", "NTLM", > "Digest", or "Basic. > > Cheers, > Brian > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth > _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
