RFC Errata
RFC 5849, "The OAuth 1.0 Protocol", April 2010
Note: This RFC has been obsoleted by RFC 6749
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
Errata ID: 2860
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: houtsnip
Date Reported: 2011-07-13
Held for Document Update by: Peter Saint-Andre
Section 3.4.1.1. says:
5. The request parameters as normalized in Section 3.4.1.3.2, after being encoded (Section 3.6).
It should say:
5. The request parameters as normalized in Section 3.4.1.3.2, and then encoded (Section 3.6). [or ...] 5. The normalized request parameter string (see Section 3.4.1.3.2), after being encoded.
Notes:
It is not clear, from the way you write, whether you mean that the request parameters are first encoded, and then normalized, or the other way round.
When the sentence is read out of context, the meaning seems to be that the request parameters are first encoded, and then normalized, which is not what is actually meant. The real meaning can only be understood by looking at the sentence preceding the list: 'The signature base string is constructed by concatenating together, in order, the following HTTP request elements'. Then you understand that the request parameters are not *normalized* 'after being encoded', but are *concatenated* 'after being encoded'.
It was confusing enough for me, and my first language is English. Until I started filling in this erratum (and until I really looked at it closely), I really thought it was a technical error, and you'd just got it wrong.