FYI, the OpenID Connect<http://openid.net/connect/> specs began a 45 day public review period for adoption as Implementer's Drafts last week. An Implementer's Drafts is a stable draft that is not yet final, but that is intended for implementation, evaluation, and trial deployment. Intellectual property protections are granted to implementers for these drafts as well.
These drafts can be thought of as a profile of the OAuth 2.0 and JOSE specs that enables single-sign-on and exchange of claims through the use of JSON and JWT. They use these OAuth- and JOSE-related specs: OAuth 2.0 Core OAuth 2.0 Bearer OAuth 2.0 Assertions OAuth 2.0 JWT Assertions Profile OAuth 2.0 Threat Model Simple Web Discovery (SWD) JSON Web Token (JWT) JSON Web Signature (JWS) JSON Web Encryption (JWE) JSON Web Key (JWK) See these pages for more details: http://openid.net/2011/12/23/review-of-proposed-openid-connect-implementer%e2%80%99s-drafts/ http://self-issued.info/?p=619 -- Mike
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
