On 4/1/10 11:37 AM, "Marius Scurtescu" <[email protected]> wrote: > SAML assertions contain the expiry inside, the OAuth "expires" > parameter would be redundant, maybe this is way it is optional? The token expiration doesn't have to be the same as the assertion. > But, do we want to make this parameter required in general? Why not > leave it optional for all flows? What if an Authorization Server > implements some other mechanism to expire them (number of uses for > example) and a fixed expiry time does not make sense? The expiration parameter should be optional everywhere. If it is not, its because I didn't get to it (or messed up). EHL _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
- Re: [OAUTH-WG] Draft progress update Luke Shepard
- Re: [OAUTH-WG] Draft progress upda... Marius Scurtescu
- Re: [OAUTH-WG] Draft progress ... David Recordon
- Re: [OAUTH-WG] Draft prog... Marius Scurtescu
- Re: [OAUTH-WG] Draft ... Eran Hammer-Lahav
- Re: [OAUTH-WG] Draft progress update Marius Scurtescu
- Re: [OAUTH-WG] Draft progress update Zeltsan, Zachary (Zachary)
- Re: [OAUTH-WG] Draft progress update Eran Hammer-Lahav
- Re: [OAUTH-WG] Draft progress update Justin Smith
- Re: [OAUTH-WG] Draft progress update Marius Scurtescu
- Re: [OAUTH-WG] Draft progress update Eran Hammer-Lahav
- Re: [OAUTH-WG] Draft progress upda... Marius Scurtescu
- Re: [OAUTH-WG] Draft progress update Allen Tom
- Re: [OAUTH-WG] Draft progress update Eran Hammer-Lahav
- Re: [OAUTH-WG] Draft progress update Marius Scurtescu
- Re: [OAUTH-WG] Draft progress upda... Justin Smith
- Re: [OAUTH-WG] Draft progress ... Peter Saint-Andre
- Re: [OAUTH-WG] Draft prog... Allen Tom
- Re: [OAUTH-WG] Draft ... Peter Saint-Andre
- [OAUTH-WG] Scope (was... Eran Hammer-Lahav
- Re: [OAUTH-WG] Scope Torsten Lodderstedt
