I am in favor of making it part of the base Oauth 2 spec, rather than defining
this in a single token draft. It seems something that SHOULD be part of the
framework.
There's a 3rd option which would be to have a separate doc, but that seems a
kludge.
-bill
>________________________________
> From: Hannes Tschofenig <[email protected]>
>To: "[email protected] WG" <[email protected]>
>Sent: Monday, May 7, 2012 3:48 PM
>Subject: [OAUTH-WG] Error Registry Consensus Call
>
>Hi all,
>
>there is an open issue concerning draft-ietf-oauth-v2-bearer-19 that may
>impact draft-ietf-oauth-v2-26 (depending on it's resolution) and we would like
>to get feedback from the working group about it.
>
>Here is the issue: When a client makes an access to a protected resources then
>things may go wrong and an error may be returned in response.
>draft-ietf-oauth-v2-bearer talks about this behavior.
>
>That's great but these error codes need to be registered somewhere. Note that
>the registry can be created in one document while the values can be registered
>by many documents.
>
>So, where should the registry be?
>
>There are two choices.
>
>a) A new OAuth errors registry goes into draft-ietf-oauth-v2-bearer.
>
>b) draft-ietf-oauth-v2 expands the scope of the existing OAuth Errors registry
>to encompass errors returned from resource servers.
>
>Currently, draft-ietf-oauth-v2 creates registries for error codes only for the
>exchanges from A-to-D (symbols used from Figure 1 of draft-ietf-oauth-v2), but
>excludes registration of errors from flows E-F.
>
>We must create a registry for error codes from flows E-F. In which document
>do we want to create this registry?
>
>So, give us your feedback whether you have a preference by the end of the
>week.
>
>Ciao
>Hannes & Derek
>
>_______________________________________________
>OAuth mailing list
>[email protected]
>https://www.ietf.org/mailman/listinfo/oauth
>
>
>
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
