On 3/24/2015 8:55 AM, Brian Campbell wrote:
And here's the somewhat different take on token exchange that I
mentioned yesterday:
https://tools.ietf.org/html/draft-campbell-oauth-sts-01
I'm unclear how your STS would work. Is your client required to go
through the whole OAuth process to
And here's the somewhat different take on token exchange that I mentioned
yesterday:
https://tools.ietf.org/html/draft-campbell-oauth-sts-01
A little more background, context, and discussion about it can be seen
following the thread on the Call for Adoption of OAuth 2.0 Token Exchange
as an OAuth
As the original author, I don't know why this issue has not been followed
through on. Still it has given me about 3 years to reflect. :-)
I support any of these drafts going forward but I think we have to think
through performance issues.
I concluded that a swap should only be done, if at
As mentioned in today’s IETF meeting, here are the two drafts dealing with
generic token swap:
https://tools.ietf.org/html/draft-hunt-oauth-chain-01
https://tools.ietf.org/html/draft-richer-oauth-chain-00
signature.asc
Description: Message signed with OpenPGP using GPGMail
