Re: [OAUTH-WG] A question on token revocation.

Wed, 06 Feb 2013 07:19:36 -0800 

+1


________________________________
 From: Prabath Siriwardena <[email protected]>
To: Todd W Lainhart <[email protected]> 
Cc: "[email protected] WG" <[email protected]>; [email protected] 
Sent: Wednesday, February 6, 2013 7:04 AM
Subject: Re: [OAUTH-WG] A question on token revocation.
 




On Wed, Feb 6, 2013 at 7:51 PM, Todd W Lainhart <[email protected]> wrote:

> There can be cases
where resource owner needs to revoke an authorized access token from a
given client.  
>
>Why wouldn't the RO go through the client
to revoke the token?
>

RO needs not to go through the client to revoke. Resource owner should have the 
capability to revoke an acces token by client.

Thanks & regards,
-Prabath
 
 
>
>
>
>
>Todd Lainhart
>Rational software
>IBM Corporation
>550 King Street, Littleton, MA 01460-1250
>1-978-899-4705
>2-276-4705 (T/L)
>[email protected] 
>
>
>
>
>From:      
 Prabath Siriwardena
<[email protected]> 
>To:      
 "[email protected] WG" <[email protected]>,  
>Date:      
 02/06/2013 04:36 AM 
>Subject:    
   [OAUTH-WG] A
question on token revocation. 
>Sent by:    
   [email protected] 
>>________________________________
>
>
>
>
>I am sorry if this was already discussed in this list..  
>
>Looking at [1] it only talks about revoking the access
token from the client. 
>
>How about the resource owner..? 
>
>There can be cases where resource owner needs to revoke
an authorized access token from a given client. Or revoke an scope.. 
>
>How are we going to address these requirements..? Thoughts
appreciated... 
>
>[1] http://tools.ietf.org/html/draft-ietf-oauth-revocation-04 
>
>-- 
>Thanks & Regards,
>Prabath 
>
>Mobile : +94 71 809 6732 
>
>http://blog.facilelogin.com
>http://RampartFAQ.com_______________________________________________
>OAuth mailing list
>[email protected]
>https://www.ietf.org/mailman/listinfo/oauth
> 
>


-- 
Thanks & Regards,
Prabath

Mobile : +94 71 809 6732 

http://blog.facilelogin.com
http://RampartFAQ.com
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to