[OAUTH-WG] Fwd: New Version Notification for draft-campbell-oauth-saml-01

Mon, 13 Dec 2010 14:54:03 -0800 

Draft -01 of "SAML 2.0 Bearer Assertion Grant Type Profile for OAuth
2.0" is now available at
http://www.ietf.org/id/draft-campbell-oauth-saml-01.txt

The changes (change log pasted blow) are mostly responding to feedback
from this WG and from the SSTC as well as bringing it up to date with
draft-ietf-oauth-v2-11.  The one change that was previously discussed
on this list that I didn't incorporate into the draft, and I'm still
somewhat on the fence about, is allowing for more than one assertion.

Comments and questions are welcome as always.

Thanks,
Brian

   -01

   o  Updated to reference draft-ietf-oauth-v2-11 and reflect changes
      from -10 to -11.

   o  Updated examples.

   o  Relaxed processing rules to allow for more than one
      SubjectConfirmation element.

   o  Removed the 'MUST NOT contain a NotBefore attribute' on
      SubjectConfirmationData.

   o  Relaxed wording that ties the subject of the Assertion to the
      resource owner.

   o  Added some wording about identifying the client when the subject
      hasn't directly authenticated including an informative reference
      to SAML V2.0 Condition for Delegation Restriction.

   o  Added a few examples to the language about verifying that the
      Assertion is valid in all other respects.

   o  Added some wording to the introduction about the similarities to
      Web SSO in the format and processing rules

   o  Changed the grant_type (was assertion_type) URI from
      http://oauth.net/assertion_type/saml/2.0/bearer to
      http://oauth.net/grant_type/assertion/saml/2.0/bearer

   o  Changed title to include "Grant Type" in it.

   o  Editorial updates based on feedback from the WG and others
      (including capitalization of Assertion when referring to SAML).





---------- Forwarded message ----------
From: IETF I-D Submission Tool <[email protected]>
Date: Mon, Dec 13, 2010 at 3:10 PM
Subject: New Version Notification for draft-campbell-oauth-saml-01

A new version of I-D, draft-campbell-oauth-saml-01.txt has been
successfully submitted by Brian Campbell and posted to the IETF
repository.

Filename:        draft-campbell-oauth-saml
Revision:        01
Title:           SAML 2.0 Bearer Assertion Grant Type Profile for OAuth 2.0
Creation_date:   2010-12-13
WG ID:           Independent Submission
Number_of_pages: 11

Abstract:
This specification defines the use of a SAML 2.0 bearer Assertion as
means for requesting an OAuth 2.0 access token.



The IETF Secretariat.
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to