- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Wed, 18 Jul 2012 22:00:22 +0200
- To: Yutaka OIWA <y.oiwa@aist.go.jp>
- CC: "Manger, James H" <James.H.Manger@team.telstra.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
On 2012-07-18 21:49, Yutaka OIWA wrote: > +1, very good direction. > > Additional comment: > Its use in -p7 is only for legacy direct tokens for challenge and credentials. > If there is a good-sounding name suggesting its legaciness or its specific > use case, it seems better for me than name based on 68 possible characters. > > # I imagined "legacy-raw-auth-token", but it's not sounding good :-( > ... Point taken, but in the end what's important is the prose, and that already says: "The "token68" notation was introduced for compatibility with existing authentication schemes and can only be used once per challenge/credentials. New schemes thus ought to use the "auth-param" syntax instead, because otherwise future extensions will be impossible." (and yes, the OAuth bearer spec ignores that advice) Best regards, Julian
Received on Wednesday, 18 July 2012 20:00:54 UTC