Re: [OAUTH-WG] more than one assertion?

2010-08-31 Thread Torsten Lodderstedt
...@lodderstedt.net] *Sent:* Friday, August 20, 2010 11:29 AM *To:* Anthony Nadalin *Cc:* Chuck Mortimore; Eran Hammer-Lahav; Brian Campbell; oauth *Subject:* Re: [OAUTH-WG] more than one assertion? What data shall the issued token contain? Different identifiers and also information about the different

Re: [OAUTH-WG] more than one assertion?

2010-08-30 Thread Anthony Nadalin
Subject: Re: [OAUTH-WG] more than one assertion? What data shall the issued token contain? Different identifiers and also information about the different issuing authorities? Is the new token's data inherited from the source assertions or are the assertions just verified and the token data (incl

Re: [OAUTH-WG] more than one assertion?

2010-08-21 Thread Eran Hammer-Lahav
] Sent: Friday, August 20, 2010 11:19 AM To: Chuck Mortimore; Eran Hammer-Lahav; Brian Campbell Cc: oauth Subject: RE: [OAUTH-WG] more than one assertion? So the UK Government Gateway project is a concrete use case. The use case for the UK government is that the government has many assertion

Re: [OAUTH-WG] more than one assertion?

2010-08-20 Thread Anthony Nadalin
, August 12, 2010 10:24 AM To: Eran Hammer-Lahav; Brian Campbell Cc: oauth Subject: Re: [OAUTH-WG] more than one assertion? Personally, I'd first like to see more concrete use-cases of how multiple assertions are going to be used in practice. Tony alluded to some abstract use-cases, but fuller

Re: [OAUTH-WG] more than one assertion?

2010-08-20 Thread Torsten Lodderstedt
Of *Chuck Mortimore *Sent:* Thursday, August 12, 2010 10:24 AM *To:* Eran Hammer-Lahav; Brian Campbell *Cc:* oauth *Subject:* Re: [OAUTH-WG] more than one assertion? Personally, I'd first like to see more concrete use-cases of how multiple assertions are going to be used in practice. Tony alluded

Re: [OAUTH-WG] more than one assertion?

2010-08-20 Thread Zeltsan, Zachary (Zachary)
Mortimore Sent: Thursday, August 12, 2010 10:24 AM To: Eran Hammer-Lahav; Brian Campbell Cc: oauth Subject: Re: [OAUTH-WG] more than one assertion? Personally, I'd first like to see more concrete use-cases of how multiple assertions are going to be used in practice. Tony alluded to some abstract

Re: [OAUTH-WG] more than one assertion?

2010-08-18 Thread Eran Hammer-Lahav
Campbell Sent: Friday, August 13, 2010 1:55 PM To: David Recordon Cc: oauth Subject: Re: [OAUTH-WG] more than one assertion? On Thu, Aug 12, 2010 at 2:04 PM, David Recordon record...@gmail.com wrote: Given that, would you strongly object to these proposals being written in a separate document

Re: [OAUTH-WG] more than one assertion?

2010-08-13 Thread Torsten Lodderstedt
multiple (SAML) assertions also mean multiple subject statements. Are there any constraints regarding the relations among those subjects (identities)? regards, Torsten. Am 12.08.2010 um 22:01 schrieb Brian Campbell bcampb...@pingidentity.com: I generally agree more with Chuck, David and

Re: [OAUTH-WG] more than one assertion?

2010-08-13 Thread Eran Hammer-Lahav
-Original Message- From: David Recordon [mailto:record...@gmail.com] Sent: Thursday, August 12, 2010 12:36 PM To: Chuck Mortimore Cc: Eran Hammer-Lahav; Brian Campbell; oauth Subject: Re: [OAUTH-WG] more than one assertion? I've only been half following the recent assertion threads

Re: [OAUTH-WG] more than one assertion?

2010-08-13 Thread Brian Campbell
On Thu, Aug 12, 2010 at 2:04 PM, David Recordon record...@gmail.com wrote: Given that, would you strongly object to these proposals being written in a separate document than the core spec? The device flow is a good example of where we're doing this. We really think that it will be useful, are

Re: [OAUTH-WG] more than one assertion?

2010-08-12 Thread Chuck Mortimore
: WFM. -Original Message- From: Brian Campbell [mailto:bcampb...@pingidentity.com] Sent: Tuesday, August 10, 2010 9:03 AM To: Eran Hammer-Lahav Cc: oauth Subject: Re: [OAUTH-WG] more than one assertion? To be honest, I somehow overlooked that particular text - my mistake

Re: [OAUTH-WG] more than one assertion?

2010-08-12 Thread Brian Campbell
I generally agree more with Chuck, David and Brain E than I don't. But I do think that someone will find a pragmatic reason for 1 assertion eventually and I think the proposal earlier in this thread to allow for multiple occurrences of the assertion parameter in the core spec will make that

Re: [OAUTH-WG] more than one assertion?

2010-08-12 Thread David Recordon
Given that, would you strongly object to these proposals being written in a separate document than the core spec? The device flow is a good example of where we're doing this. We really think that it will be useful, are working on implementations, but it hasn't yet been proven in production. On

Re: [OAUTH-WG] more than one assertion?

2010-08-10 Thread Eran Hammer-Lahav
WFM. -Original Message- From: Brian Campbell [mailto:bcampb...@pingidentity.com] Sent: Tuesday, August 10, 2010 9:03 AM To: Eran Hammer-Lahav Cc: oauth Subject: Re: [OAUTH-WG] more than one assertion? To be honest, I somehow overlooked that particular text - my mistake

[OAUTH-WG] more than one assertion?

2010-08-09 Thread Brian Campbell
The question of allowing for multiple assertions in the SAML profile came up recently. See http://www.ietf.org/mail-archive/web/oauth/current/msg04068.html and several subsequent messages in the thread. I pushed back on the idea at first due to added complexity. There are a number of things

Re: [OAUTH-WG] more than one assertion?

2010-08-09 Thread Eran Hammer-Lahav
09, 2010 12:34 PM To: oauth Subject: [OAUTH-WG] more than one assertion? The question of allowing for multiple assertions in the SAML profile came up recently. See http://www.ietf.org/mail- archive/web/oauth/current/msg04068.html and several subsequent messages in the thread. I pushed