We're actually debating it internally. It seems easiest to just encode the binary code up front. Any issue with that?
- cmort On Oct 15, 2014, at 8:32 AM, Nat Sakimura <[email protected]> wrote: Thanks. So, to be clear, are you base64url encoding when sending it over the wire or is your code verifier is created by base64url encoding the binary value so that you do not need to encode it when sending it over? =nat via iPhone Oct 16, 2014 00:27、Chuck Mortimore <[email protected]> のメッセージ: We went with base64url in our implementation On Tue, Oct 14, 2014 at 2:26 AM, Nat Sakimura <[email protected]> wrote: > In his mail, Mike asked whether code verifier is > a value that is sendable without trnasformation > as a http parameter value, or if it needs to be > % encoded when it is being sent. > > We have several options here: > > 1) Require that the code verifier to be a base64url encoded string of a > binary random value. > > 2) Let code verifier to be a binary string and require it to be > either % encoded or base64url encoded when it is sent. > In this case, which encoding should we use? > > 3) require the code verifier to be conform to the following ABNF: > code_verifier = 16*128unreserved > unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~" > > Which one do you guys prefer? > > Nat > > -- > Nat Sakimura ([email protected]) > Nomura Research Institute, Ltd. > > PLEASE READ: > The information contained in this e-mail is confidential and intended for > the named recipient(s) only. > If you are not an intended recipient of this e-mail, you are hereby > notified that any review, dissemination, distribution or duplication of > this message is strictly prohibited. If you have received this message in > error, please notify the sender immediately and delete your copy from your > system. > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth > _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
