Re: [OAUTH-WG] Feedback on draft-ietf-oauth-v2-13

William J. Mills Fri, 25 Mar 2011 11:51:29 -0700

Authentication scheme names in HTTP are case insensitive.

________________________________
From: "Zeltsan, Zachary (Zachary)" <[email protected]>
To: 'Eran Hammer-Lahav' <[email protected]>
Cc: OAuth WG <[email protected]>
Sent: Friday, March 25, 2011 11:33 AM
Subject: Re: [OAUTH-WG] Feedback on draft-ietf-oauth-v2-13

The spelling of the name “Bearer” authentication scheme in the draft is 
inconsistent with the spelling in 
draft-ietf-oauth-v2-bearer-03.

In draft-ietf-oauth-v2-13, section 7.1: 
“For example, the "bearer" token type defined...”, 
and 
“Authorization: BEARER h480djs93hd8”

In draft-ietf-oauth-v2-bearer-03, section 2.1:
“Authorization: Bearer vF9dft4qmT”

The definition of the “Authorization” header field in 
draft-ietf-oauth-v2-bearer-03 is as follows:
credentials = "Bearer" RWS access-token [ RWS 1#auth-param ]
...
The core specification references the definition of the token type in the 
bearer tokens specification. So, the spelling needs to be corrected in the core 
specification.

Zachary

_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth

_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth

Re: [OAUTH-WG] Feedback on draft-ietf-oauth-v2-13

Reply via email to