[OAUTH-WG] OAuth 2.0 Bearer Token Specification draft -04

Thu, 31 Mar 2011 11:15:57 -0700 

I’ve published draft 
04<http://self-issued.info/docs/draft-ietf-oauth-v2-bearer-04.html> of the 
OAuth Bearer Token 
Specification<http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.html>.  
All changes were in response to working group last call feedback on draft 03.  
The changes in this draft were:

·        Added Bearer Token definition in Terminology section.

·        Changed parameter name "oauth_token" to "bearer_token".

·        Added realm parameter to "WWW-Authenticate" response to comply with 
[RFC2617].

·        Removed "[ RWS 1#auth-param ]" from "credentials" definition since it 
did not comply with the ABNF in [I-D.ietf-httpbis-p7-auth].

·        Removed restriction that the "bearer_token" (formerly "oauth_token") 
parameter be the last parameter in the entity-body and the HTTP request URI 
query.

·        Do not require WWW-Authenticate Response in a reply to a malformed 
request, as an HTTP 400 Bad Request response without a WWW-Authenticate header 
is likely the right response in some cases of malformed requests.

·        Removed OAuth Parameters registry extension.

·        Numerous editorial improvements suggested by working group members.

The draft is available at these locations:

·        http://www.ietf.org/internet-drafts/draft-ietf-oauth-v2-bearer-04.txt

·        http://www.ietf.org/internet-drafts/draft-ietf-oauth-v2-bearer-04.xml

·        http://self-issued.info/docs/draft-ietf-oauth-v2-bearer-04.html

·        http://self-issued.info/docs/draft-ietf-oauth-v2-bearer-04.txt

·        http://self-issued.info/docs/draft-ietf-oauth-v2-bearer-04.xml

·        http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.html (will 
point to new versions as they are posted)

·        http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.txt (will 
point to new versions as they are posted)

·        http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.xml (will 
point to new versions as they are posted)

·        http://svn.openid.net/repos/specifications/oauth/2.0/ (Subversion 
repository, with html, txt, and html versions available)

Responses to the suggestions not adopted will follow shortly in separate 
messages.

                                                            -- Mike


_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to