[Openid-specs-ab] FW: OAuth 2.0 Bearer Token Specification Draft -10
Michael.Jones at microsoft.com
Wed Oct 19 23:39:00 UTC 2011
From: oauth-bounces at ietf.org [mailto:oauth-bounces at ietf.org] On Behalf Of Mike Jones
Sent: Wednesday, October 19, 2011 4:38 PM
To: oauth at ietf.org
Subject: [OAUTH-WG] OAuth 2.0 Bearer Token Specification Draft -10
Draft 10<http://self-issued.info/docs/draft-ietf-oauth-v2-bearer-10.html> of the OAuth 2.0 Bearer Token Specification<http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.html> has been published, which incorporates consensus decisions reached since Working Group Last Call feedback. It closes all open issues. It contains the following changes:
* Removed the #auth-param option from Authorization header syntax (leaving only the b64token syntax).
* Restricted the scope value character set to %x21 / %x23-5B / %x5D-7E (printable ASCII characters excluding double-quote and backslash). Indicated that scope is intended for programmatic use and is not meant to be displayed to end users.
* Restricted the character set for error_description strings to SP / VCHAR and indicated that they are not meant to be displayed to end users.
* Included more description in the Abstract, since Hannes Tschofenig indicated that the RFC editor would require this.
* Changed "Access Grant" to "Authorization Grant", as was done in the core spec.
* Simplified the introduction to the Authenticated Requests section.
The draft is available at these locations:
* http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.html (will point to new versions as they are posted)
* http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.pdf (will point to new versions as they are posted)
* http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.txt (will point to new versions as they are posted)
* http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.xml (will point to new versions as they are posted)
* http://svn.openid.net/repos/specifications/oauth/2.0/ (Subversion repository, with html, pdf, txt, and html versions available)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-ab