Thanks Vittorio for the thorough response!
I agree that how scopes are handled is very different across
deployments. Scopes used for an RP with a mobile app (e.g. something
like OpenTable) are going to be very different than a multi-tenant
enterprise system with fixed services and roles that
Sent from Samsung tablet.Rachel is not going to be able to make a difference
between being in detox program has been on used to make it an excellent way to
get out of the house ___
OAuth mailing list
OAuth@ietf.org
Allez-vous cesser de m'envoyer des mails !
Je n'en veux pas !
Et pour se desabonner, tout est fait pouir ne pas y réussir !
Le lun. 30 mars 2020 à 18:41, a écrit :
> Send OAuth mailing list submissions to
> oauth@ietf.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>
Thanks Annabelle and George! I am consolidating replies to both your latest
comments in this mail. This seems a hard rock to lift, but it also seems to be
the last one .
The TL;DR is, I am not completely opposed to relaxing the constraints and
turning them into security considerations, but I
Hi Karl,
Thanks for the comment. I agree that having a framework for further clarifying
authentication assurance would allow SDK owner to provide even more
functionality out of the box.
I also agree that the definition of such a framework for authentication
assurance goes beyond the scope of
