New versions of the three OAuth assertion related drafts have been published. The documents are available in the usual locations:
Assertion Framework for OAuth 2.0 http://tools.ietf.org/html/draft-ietf-oauth-assertions-06 SAML 2.0 Bearer Assertion Profiles for OAuth 2.0 http://tools.ietf.org/html/draft-ietf-oauth-saml2-bearer-14 JSON Web Token (JWT) Bearer Token Profiles for OAuth 2.0 http://tools.ietf.org/html/draft-ietf-oauth-jwt-bearer-02 Text was added to the introduction of all three further explaining that an assertion grant type can be used with or without client authentication/identification and that client assertion authentication is nothing more than an alternative way for a client to authenticate to the token endpoint. Two new examples were added to each of the JWT and SAML drafts. References were updated in all three. Hopefully now draft-ietf-oauth-assertions-06 and draft-ietf-oauth-saml2-bearer-14 are ready to go to WGLC. Thanks to Mike Jones for the preliminary review and updates/fixes. Regards, Brian Campbell
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth