[Openid-specs-ab] Minor spec bug in Basic client profile

Chuck Mortimore cmortimore at salesforce.com
Tue Jan 29 01:43:21 UTC 2013


On Jan 28, 2013, at 5:23 PM, Mike Jones wrote:

Hi Chuck,

http://tools.ietf.org/html/rfc2617#section-1.2 (where the Authorization header is defined) says “It uses an extensible, case-insensitive token to identify the authentication scheme…”.  So either value is OK.  But I’ve filed http://hg.openid.net/connect/issue/732/all-capitalize-name-of-bearer to make this consistency change anyway.

Thanks for the report.  Are you reading the specs now to provide more feedback for the pending implementer’s drafts? :)

I was prepping for our upgrade - trying to diff where we are and plan how we catch up.

-cmort


                                                                -- Mike

From: openid-specs-ab-bounces at lists.openid.net<mailto:openid-specs-ab-bounces at lists.openid.net> [mailto:openid-specs-ab-bounces at lists.openid.net] On Behalf Of Chuck Mortimore
Sent: Friday, December 07, 2012 12:16 PM
To: openid-specs-ab at lists.openid.net<mailto:openid-specs-ab at lists.openid.net>
Subject: [Openid-specs-ab] Minor spec bug in Basic client profile

Just noticed that the the basic client profile doc says the following:

token_type
REQUIRED. The value MUST be "bearer"


while rfc 6750 refers to this as

"Bearer"

Notice the capital B.

-cmort



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20130128/b06ebfac/attachment.html>


More information about the Openid-specs-ab mailing list