Thanks for the review Hannes. I've tried to constrain and/or clarify things
as much as I could. I am confident that those who deploy these
specifications are willing to take the steps described - there are real
deployments doing so now.
The introduction in the SAML document is intended to express
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi assertion document authors,
Hi all,
I took a look at the assertion framework draft (draft-ietf-oauth-assertions-11)
and the SAML assertion profile document (draft-ietf-oauth-saml2-bearer-16.txt).
In general, I have to say that they are
