Sorry for the delay. Here's what I was thinking about: https://dev.twitter.com/docs/auth/oauth/oauth-echo -- The delegation here (using OAuth V1) is about client 1 delegating to client 2, still presumably operated by the same human user throughout. http://tools.ietf.org/html/draft-vrancken-oauth-redelegation-01 - I've never fully understood this one, to be honest, but it seems different from Echo.
There's also this: http://tools.ietf.org/html/draft-richer-oauth-chain-00 - This is, I believe, explicitly for scoping the delegated access smaller than it was originally. And this: http://tools.ietf.org/html/draft-hunt-oauth-chain-00 - Yet a different pattern from what I can see. I'll try and answer your other emails as soon as I can... Eve On 17 Oct 2012, at 7:28 PM, zhou.suj...@zte.com.cn wrote: > > Hi, Eve > > Sorry for reply late. I somehow missed the emails from OAUTH list. > > "If the client/requesting party is literally acting on behalf of the > initial RO, then it would seem to me that this is closer to the discussions > of "redelegation" and Twitter Echo and such from the past. UMA's use cases > have to do with authorizing delegated access that is performed on behalf of > the client itself (the word "autonomous" from OAuth 1.0 springs to mind). > Eve" > > Can you give me the link of discussion in the past you mentioned? > The usecase Hardjono rediscribed may not necessarily invloving > "redelegation", a more general case would be the Babysitter directly show > delegation to the Teacher and walk the child home. > Eve Maler http://www.xmlgrrl.com/blog +1 425 345 6756 http://www.twitter.com/xmlgrrl
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
