I posted a new draft that addresses a potential ambiguity raised by an engineer I work with who is currently implementing against the draft.
draft -09 can be found at: http://tools.ietf.org/html/draft-ietf-oauth-saml2-bearer-09 and here's the relevant snippet from Appendix B. Document History:

draft-ietf-oauth-saml2-bearer-09

o Attempt to address an ambiguity around validation requirements when the Conditions element contain a NotOnOrAfter and SubjectConfirmation/SubjectConfirmationData does too. Basically it needs to have at least one bearer SubjectConfirmation element but that element can omit SubjectConfirmationData, if Conditions has an expiry on it. Otherwise, a valid SubjectConfirmation must have a SubjectConfirmationData with Recipient and NotOnOrAfter. And any SubjectConfirmationData that has those elements needs to have them checked.

o clarified that AudienceRestriction is under Conditions (even though it's implied by schema)

o fix a typo

---------- Forwarded message ----------
From: <internet-dra...@ietf.org>
Date: Fri, Oct 28, 2011 at 11:22 AM
Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-saml2-bearer-09.txt
To: i-d-annou...@ietf.org
Cc: oauth@ietf.org

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol Working Group of the IETF.

Title : SAML 2.0 Bearer Assertion Profiles for OAuth 2.0
Author(s) : Chuck Mortimore
Filename : draft-ietf-oauth-saml2-bearer-09.txt
Pages : 16
Date : 2011-10-28

This specification defines the use of a SAML 2.0 Bearer Assertion as means for requesting an OAuth 2.0 access token as well as for use as a means of client authentication.

A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-oauth-saml2-bearer-09.txt

Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/

This Internet-Draft can be retrieved at: ftp://ftp.ietf.org/internet-drafts/draft-ietf-oauth-saml2-bearer-09.txt

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
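
The expiry and Recipient rule from the -09 history entry above, sketched in Python as an added example (not part of the original message or of the draft). The token endpoint URL, the timestamps and the unsigned sample assertions are constructed; treating a failed check as disqualifying only that one SubjectConfirmation is an assumption about how to read the summary.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"s": "urn:oasis:names:tc:SAML:2.0:assertion"}
BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer"

def _expired(instant, now):
    # Assumes UTC instants with a trailing "Z", e.g. 2011-10-28T18:05:00Z.
    return now >= datetime.fromisoformat(instant.replace("Z", "+00:00"))

def check_bearer(assertion_xml, token_endpoint, now):
    """Expiry/Recipient rules only. Signature, Issuer and AudienceRestriction
    checks are out of scope here and must pass before this result is trusted."""
    root = ET.fromstring(assertion_xml)  # use a hardened XML parser in production
    cond = root.find("s:Conditions", NS)
    cond_exp = cond.get("NotOnOrAfter") if cond is not None else None
    if cond_exp and _expired(cond_exp, now):
        return False, "Conditions expired"
    reason = "no bearer SubjectConfirmation"
    for sc in root.findall("s:Subject/s:SubjectConfirmation", NS):
        if sc.get("Method") != BEARER:
            continue
        # Assumption: a failed check rules out this confirmation, not the rest.
        scd = sc.find("s:SubjectConfirmationData", NS)
        recipient = scd.get("Recipient") if scd is not None else None
        scd_exp = scd.get("NotOnOrAfter") if scd is not None else None
        if recipient is not None and recipient != token_endpoint:
            reason = "Recipient mismatch"
        elif scd_exp is not None and _expired(scd_exp, now):
            reason = "SubjectConfirmationData expired"
        elif not cond_exp and (recipient is None or scd_exp is None):
            reason = "no Conditions expiry and no Recipient + NotOnOrAfter"
        else:
            return True, "ok"
    return False, reason

# Constructed, unsigned sample: {scd} and {cond} are filled in per case.
TEMPLATE = (
    '<Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion">'
    '<Subject><SubjectConfirmation Method="' + BEARER + '">{scd}'
    '</SubjectConfirmation></Subject><Conditions{cond}/></Assertion>'
)
EP = "https://as.example.com/token"  # hypothetical token endpoint
NOW = datetime(2011, 10, 28, 18, 0, tzinfo=timezone.utc)
LATER, EARLIER = "2011-10-28T18:05:00Z", "2011-10-28T17:55:00Z"

def sample(cond_exp=None, scd_attrs=None):
    cond = ' NotOnOrAfter="%s"' % cond_exp if cond_exp else ""
    scd = "<SubjectConfirmationData %s/>" % scd_attrs if scd_attrs is not None else ""
    return TEMPLATE.format(cond=cond, scd=scd)
```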