Thanks.
Am 13.05.2010 um 18:02 schrieb Eran Hammer-Lahav <[email protected]>:
Will be added to -05.
EHL
-----Original Message-----
From: [email protected] [mailto:[email protected]] On
Behalf
Of Brian Eaton
Sent: Thursday, May 13, 2010 8:50 AM
To: Chuck Mortimore
Cc: [email protected]
Subject: Re: [OAUTH-WG] User and Client identity in the Assertion
Flow
On Thu, May 13, 2010 at 8:26 AM, Chuck Mortimore
<[email protected]> wrote:
Our plan is to treat SAML assertions passed over the assertion
flow as
bearer assertions, so I believe we have everything we need contained
within the assertion (issuer + audience + signature). That being
said, if we want this to be an extensible flow, not all assertion
formats will be so transparent.
I think this is a reasonable suggestion, as long as the
clientid/secret are entirely optional. Not in support of a
second User
Assertion Flow.
Yes. This sounds right to me.
Cheers,
Brian
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
