Re: [OAUTH-WG] Authentication Method Reference Values Specification

Thu, 23 Jul 2015 00:31:00 -0700 

I don’t personally have a problem with people defining values for AMR and 
creating a IANA registry. 

That exists for ACR.

I am on record as not supporting clients requesting amr as it ai a bad idea and 
the spec mentions that at the same time it defines a new request parameter for 
it.

It is probably not something I will put any real effort into fighting, if 
people insist on it.  I will continue to recommend only using ACR in the 
request.

John B.

> On Jul 23, 2015, at 9:21 AM, Justin Richer <[email protected]> wrote:
> 
> Useful work, but shouldn’t this be defined in the OIDF, where the “amr" 
> parameter is defined?
> 
>  — Justin
> 
>> On Jul 22, 2015, at 7:48 PM, Mike Jones <[email protected] 
>> <mailto:[email protected]>> wrote:
>> 
>> Phil Hunt and I have posted a new draft that defines some values used with 
>> the “amr” (Authentication Methods References) claim and establishes a 
>> registry for Authentication Method Reference values.  These values include 
>> commonly used authentication methods like “pwd” (password) and “otp” (one 
>> time password).  It also defines a parameter for requesting that specific 
>> authentication methods be used in the authentication.
>>  
>> The specification is available at:
>> ·        https://tools.ietf.org/html/draft-jones-oauth-amr-values-00 
>> <https://tools.ietf.org/html/draft-jones-oauth-amr-values-00>
>>  
>> An HTML formatted version is also available at:
>> ·        http://self-issued.info/docs/draft-jones-oauth-amr-values-00.html 
>> <http://self-issued.info/docs/draft-jones-oauth-amr-values-00.html>
>>  
>>                                                             -- Mike
>>  
>> P.S.  This note was also posted at http://self-issued.info/?p=1429 
>> <http://self-issued.info/?p=1429> and as @selfissued 
>> <https://twitter.com/selfissued>.
>> _______________________________________________
>> OAuth mailing list
>> [email protected] <mailto:[email protected]>
>> https://www.ietf.org/mailman/listinfo/oauth 
>> <https://www.ietf.org/mailman/listinfo/oauth>
> 
> _______________________________________________
> OAuth mailing list
> [email protected] <mailto:[email protected]>
> https://www.ietf.org/mailman/listinfo/oauth 
> <https://www.ietf.org/mailman/listinfo/oauth>

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to