On 2020-02-24, at 18:04, Jim Schaad <[email protected]> wrote: > > • The proposal from Carsten that has not get adopted anywhere yet.
Well, not adopted in the literal sense, but it has been used as a blueprint both in research works and in standardization. The main question that is holding this back from being a more complete solution is how to represent authorization that is dependent on request parameters (in particular, in bodies, both FETCH and POST/PATCH). Maybe that is too hard to do in a generic way, and AIF should focus on providing a placeholder for profile specific information about request body handling. (I have taken the opportunity to resubmit AIF with updated references: https://datatracker.ietf.org/doc/draft-bormann-core-ace-aif/ .) Grüße, Carsten _______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
