Re: [OAUTH-WG] Add an option to authorization endpoint to force end-user re-authentication

with it; maybe OIDC is the solution but it’s only half a solution if it’s optional/supplementary). Thanks, -- original message follows -- On 25/06/2010 02:30, Colin Snover wrote: On 24/06/2010 23:30, Luke Shepard wrote: You're right; this can be an interesting issue. It's very tied up in identity

Re: [OAUTH-WG] ' force_auth' request parameter

-- Forwarded Message *From: *An anonymous reader mail...@sharedcopy.com *Date: *Sat, 10 Jul 2010 11:01:11 -0700 *To: *Eran Hammer-Lahav e...@hueniverse.com *Subject: *Re: draft-ietf-oauth-v2-09 - The OAuth 2.0 Protocol *Colin Snover* left these comments on your copy