Thanks.
Am 13.05.2010 um 18:02 schrieb Eran Hammer-Lahav <e...@hueniverse.com>:
Will be added to -05.
EHL
-----Original Message-----
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On
Behalf
Of Brian Eaton
Sent: Thursday, May 13, 2010 8:50 AM
To: Chuck Mortimore
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] User and Client identity in the Assertion
Flow
On Thu, May 13, 2010 at 8:26 AM, Chuck Mortimore
<cmortim...@salesforce.com> wrote:
Our plan is to treat SAML assertions passed over the assertion
flow as
bearer assertions, so I believe we have everything we need contained
within the assertion (issuer + audience + signature). That being
said, if we want this to be an extensible flow, not all assertion
formats will be so transparent.
I think this is a reasonable suggestion, as long as the
clientid/secret are entirely optional. Not in support of a
second User
Assertion Flow.
Yes. This sounds right to me.
Cheers,
Brian
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
