Hi John, does the "identifier" contain of a domain part AND a username part or only the domain part? That's the crucial question here.
Ciao Hannes On May 9, 2012, at 9:20 PM, John Bradley wrote: > For openID Connect we are using the identifier to discover the AS. We refer > to that as an issuer, and perform a second discovery step to get the > configuration (Auth endpoint, token endpoint, user_info endpoint and other > config) for that issuer. > > SWD/WF may be used for other things by other protocols, but our use is quite > simple. > > I think that is probably the same thing for SASL, but others may think > differently. > > John B. > > > On 2012-05-09, at 1:50 PM, Hannes Tschofenig wrote: > >> Hi guys, >> >> at the last IIW we had a discussion about SASL-OAuth and what the SASL >> server needs to know for discovery. >> The discovery discussions around WebFinger go in the same directions. >> >> So, I have been wondering whether we have made an informed decision about >> how the discovery procedure is actually supposed to look like. >> >> In my view, the relying party (the client) only needs to know who the >> identity provider (the AS/RS) is. >> >> Any other views? >> >> Ciao >> Hannes >> >> PS: Please let me know if I should provide more background about the issue. >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth > _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
