On 2011-11-03 00:21, Manger, James H wrote:
5) Section 3 ABNF allows "realm=foo;realm=bar;scope=baz;error=123"
is that ok? Is processing clear for all cases? I don't think it
is.
The ABNF does not allow that.
It requires commas as separators, not semi-colons.
Indeed.
It requires double quotes around values.
(but maybe it should not; separate issue)
The only possible ambiguity in this example is the duplicate realms, but that
parameter isn't even defined in this spec (it is defined in
draft-ietf-httpbis-p7-auth)! I guess that spec could try to explicitly define
behaviour in the case of this particular error, but it may have to explicitly
describe a lot of other error cases as well.
Indeed. I have opened a ticket for that
<http://trac.tools.ietf.org/wg/httpbis/trac/ticket/321>. UAs disagree on
it, so I think all that needs to be done here is to point out that it's
invalid.
Best regards, Julian
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
