Will be added to -05. EHL
> -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf > Of Brian Eaton > Sent: Thursday, May 13, 2010 8:50 AM > To: Chuck Mortimore > Cc: [email protected] > Subject: Re: [OAUTH-WG] User and Client identity in the Assertion Flow > > On Thu, May 13, 2010 at 8:26 AM, Chuck Mortimore > <[email protected]> wrote: > > Our plan is to treat SAML assertions passed over the assertion flow as > > bearer assertions, so I believe we have everything we need contained > > within the assertion (issuer + audience + signature). That being > > said, if we want this to be an extensible flow, not all assertion > > formats will be so transparent. > > > > I think this is a reasonable suggestion, as long as the > > clientid/secret are entirely optional. Not in support of a second User > Assertion Flow. > > Yes. This sounds right to me. > > Cheers, > Brian > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
