You can read about the Artifact Binding at
https://bitbucket.org/openid/ab/wiki/Home. The latest draft is at
https://bitbucket.org/openid/ab/raw/c1eaac175dc8/openid-artifact-binding-1_0.html.
Nat Sakimura is actively updating the specification as we speak,
incorporating some of the ideas from OpenID Connect. The merger of the specs
that Nat is working on is sometimes referred to as OpenID Artifact
Binding/Connect or OpenID ABC for short. FYI, specification will be using JSON
Web Tokens (JWTs).
-- Mike
From: [email protected] [mailto:[email protected]] On Behalf Of
Francisco Corella
Sent: Tuesday, January 04, 2011 5:04 PM
To: Marius Scurtescu; Justin Richer
Cc: [email protected]; Karen P. Lewison
Subject: Re: [OAUTH-WG] TLS is needed for redirecting back to the client
--- On Tue, 1/4/11, Justin Richer <[email protected]<mailto:[email protected]>>
wrote:
> > > We need a protocol that does both authentication and
> > > authorization. We can take OAuth and adapt it for
> > > authentication, or take OpenID and adapt it for
> > > authorization, or combine OpenID and OAuth (great
> > > solution
> > > for people who love complexity) or... take the best
> > > ideas
> > > from OpenID and OAuth and incorporate them into a new
> > > protocol that's designed from the start for both
> > > authentication and authorization. That's one of my
> > > motivations for proposing PKAuth.
> >
> > Are you aware of OpenIDConnect?
> >
> > http://openidconnect.com/
>
> And also the latest drafts of OpenID Artifact Binding:
>
> http://wiki.openid.net/w/page/12995134/Artifact-Binding
I'm not familiar with that, and I haven't been able to find
a draft at the site.
Francisco
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
