David: perhaps if you asked the list about features before dropping them we would not all have to argue with you about why to put them back in. Frankly I was surprised that you did not circulate the draft to me as editor of WRAP.
WG Chairs: Is this draft now the draft that the WG is working on and is David now the editor for the WG? -- Dick On 2010-03-23, at 10:47 AM, David Recordon <record...@gmail.com> wrote: > Hey Chuck, > Thanks for rewriting the SAML flow into the style of my draft! I > really appreciate it. > > I originally dropped the SAML flow because I hadn't seen support for > it on the mailing list(s) the past two months. I think that our > default should be making the spec as short and simple as possible so > removed a few things from WRAP in order to start conversations like > this one. It's now clear that Google, Microsoft, Salesforce, and IBM > all need the SAML profile. Chuck, I'll merge your wording in. Want > to be listed as an author? > > We're also going to need to figure out which flows should be in the > core spec versus which should be developed at the same time but in > individual documents. > > Thanks, > --David > > On Tue, Mar 23, 2010 at 4:50 AM, Torsten Lodderstedt > <tors...@lodderstedt.net> wrote: >> +1 for assertion support >> >> what about enhancing the flow #2.4 to accept any kind of user >> credentials >> (username/password, SAML assertions, other authz servers tokens) >> >> regards, >> Torsten. >> >> Am 23.03.2010 um 12:42 schrieb Mark Mcgloin >> <mark.mcgl...@ie.ibm.com>: >> >>> +1 for assertion profile. Was there any reason why it was dropped? >>> >>> On 3/23/10, Chuck Mortimore wrote: >>>> >>>> Just getting a chance to review this – I apologize for not get >>>> ting this >>> >>> before the meeting started. >>> >>>> We’d like to see some form of an Assertion Profile, similar to >>>> section >>>> 5.2 >>> >>> from draft-hardt-oauth-01. We have strong customer use-cases for >>> an >>> assertion based flow, specifically SAML bearer tokens, and I >>> >believe >>> Microsoft may have already shipped a minor variation on this >>> ( wrap_SAML ) >>> in Azure. >>> >>> >>> Mark McGloin >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
