Now that the I-D submission process/tool is open again, I went ahead and submitted the "SAML 2.0 Bearer Assertion Profile for OAuth 2.0" as an I-D. It's basically the same as the version I posted to the WG mailing list except I added some language in the introduction stating the intended similarities to Web SSO (thanks Torsten) and changed the MUST to MAY on replay checking/enforcement. It's just a draft though so that can be changed again if people feel strongly about it.
Any additional thoughts or comments are of course welcome. I'd love to hear from anyone who might consider implementing/supporting this. Here's the link: http://www.ietf.org/id/draft-campbell-oauth-saml-00.txt Thanks, Brian Campbell ---------- Forwarded message ---------- From: IETF I-D Submission Tool <idsubmiss...@ietf.org> Date: Tue, Jul 27, 2010 at 1:14 PM Subject: New Version Notification for draft-campbell-oauth-saml-00 A new version of I-D, draft-campbell-oauth-saml-00.txt has been successfully submitted by Brian Campbell and posted to the IETF repository. Filename: draft-campbell-oauth-saml Revision: 00 Title: SAML 2.0 Bearer Assertion Profile for OAuth 2.0 Creation_date: 2010-07-27 WG ID: Independent Submission Number_of_pages: 9 Abstract: This specification defines the use of a SAML 2.0 bearer assertion as means for requesting an OAuth 2.0 access token. The IETF Secretariat. _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
